November 21st, 2019 Chapter Meeting: Incident Response

When: Thursday, November 21st, 2019 9:00AM – 2:00P

Note: The October meeting was postponed until November and the format has been expanded to a half day event.



“Prevention is ideal, but detection is a must. However, detection without response has little value.” -anonymous

So, I have an incident, now what? In this talk we will explore PICERL, the six phases of the incident handling process (preparation,
identification, containment, eradication, recovery, and lessons learned). Afterward, participants will know the phases and understand next
steps for each phase, how to identify the team, communicate during an incident, and how to build out the process.

Speaker bio:

Brian Ventura – Information Security Architect, City of Portland

With a diverse background in consulting, public and private sector, and project
management, Brian brings a comprehensive view of security and technology. Brian advises public entities and private companies on security
best practices generally and within large projects. Brian’s day job is with the City of Portland, where he focuses on enterprise security.
Brian also teaches as a SANS Instructor.

Speaker bio:

Pete Dedes – Forensic Examiner Consultant, Avertium

Pete has more than 30 years of experience as a Computer Professional. Current responsibilities at Avertium (formerly Sword & Shield Enterprise Security, Inc.) includescomputer forensics, security assessments, incident response and tasks in the enterprise solutions arena. As a forensic analyst, Pete has provided courtroom testimony in several Tennessee State Courts.

Pete’s education includes an Associate’s degree in Electo-Mechanical Engineering from Owens Technical College in Toledo, OH and a Bachelor of Science Degree in Computer Science from the University of Tennessee.

Industry certifications include the Certified Computer Examiner (CCE) for forensics, and two GIAC certifications, Certified Forensic Analyst (GCFA) and Certified Incident Handler (GCIH). Pete is also licensed in the State of Tennessee as a Private Investigator.


Schwabe, Williamson & Wyatt
1211 SW 5th Ave
Suite 1900
Portland, OR 97204

Posted in Past Presentations | Comments Off on November 21st, 2019 Chapter Meeting: Incident Response

Summer Break

Greetings, we are now on our annual summer break and will resume chapter meetings in the Fall of 2019. The programs committee will be working on our program for the coming chapter year and will notify membership soon. Thank you and enjoy the summer!

Posted in Uncategorized | Comments Off on Summer Break

Culture Eats Strategy for Breakfast: Adding People Back into the Security Equation

We all know that people are a central part of the security equation, but how often are they really considered when you’re looking for ways to reduce organizational risk?  In this talk we’ll explore what security culture really means and why it’s a critical part of your overall security strategy. We’ll probe attitudes and perspectives that may be crippling your efforts to change behaviors, and review elements of a successful security awareness program. Finally, we’ll take a peek under the hood of your enterprise security policies and review strategies for making them more user friendly – and more enforceable.

Let us help you demystify the human and bring them back to their rightful place at the center of your security strategy–and success.


Glaphre Karolak started out as a help desk technician for a Las Vegas-based airline in 2008, and showing more talent for writing than fixing things, she quickly transitioned to documenting departmental procedures, building IT training, and writing the airline’s first information security policies. Glaphre was recruited by Caesars Entertainment as they launched their PCI compliance effort, to lead development of enterprise security policies and establish a security awareness program. Glaphre joined Kindred Healthcare in 2015 in a combined GRC and awareness role, writing policy for ISO 27001 certification, leading implementation of a enterprise document management system, and building a phishing and awareness program. Glaphre now writes for the Cybersecurity Engineering team, develops awareness content and training, and passionately works to transform security culture one relationship at a time. Glaphre has served as the Secretary for ISSA Portland Board of Directors since 2017, and served in the same position for ISSA Las Vegas from 2014-2016. She holds the GSEC certification and is currently studying for her CISSP.

Brian Ventura is a security leader in the Portland area. Brian works for the City of Portland as an Information Security Architect, focusing on GRC, Education and Awareness. Brian volunteers with the Oregon CyberSecurity Advsory Council:, PCC’s CIS Advisory Board and as a Director of Education for ISSA Portland. Brian is also a SANS Instructor, teaching CyberSecurity courses regularly including: Security Essentials, CISSP Certification, CIS Controls and Risk Management. You can find a NIST CSF management tool published on GitHub:, as well as his SANS course schedule:

Tickets on sale now:

Posted in Past Presentations | Comments Off on Culture Eats Strategy for Breakfast: Adding People Back into the Security Equation

ISSA Portland April 2019 Symposium: Zero Trust and Endpoint Security

The board regrets that this event has been cancelled due to low registration and high cost of the venue making this event not viable. The board is looking into adding another event to the calendar in the May/June timeframe. So please stay tuned. Thank you for your patience.

Posted in Past Presentations | Comments Off on ISSA Portland April 2019 Symposium: Zero Trust and Endpoint Security

March 13, 2019 Chapter Meeting: Container Security

When: March 13, 11:30am – 1pm; (Lunch will be provided)

Location: 1900 SW 4th Street, room 2500B (2nd floor)

              *Note new location*

Lunch will be provided.

Title: Modernizing Traditional Security: How Containerization Makes Security and Compliance Easier

Presenter: Keith Mokris, Sr. Product Marketing Manager at Twistlock

As containers become the commonplace method for delivering and deploying applications, organizations are taking a “lift-and-shift” approach to migrating their existing applications. In this presentation, Keith will discuss a non-profit that provides environmental science and engineering oversight to some of the world’s largest civil waterworks projects and their shift to containers. This organization previously relied on a critical 14-year old app that models storm surge. The move to containers for this application delivered immediate benefits, making it easier to manage vulnerabilities, ensure regulatory compliance, and provide runtime defense. Throughout this session, we’ll break down the security advantages of containers relative to traditional architectures using this real life app as an example.

Main takeaways:

  • Learn the technical differences between containers and traditional architectures around vulnerability management, compliance, and runtime security
  • How containerization helps move security upstream in the development lifecycle and why that’s such an important benefit
  • Why containers make compliance instantly easier, by enabling organizations to find and correct problems early on, enforce settings, and automatically block non-compliant configurations
  • How the predictable nature of containers enables a new approach to runtime defense that improved efficiency and scale by reducing human security management effort
  • Lessons learned from a real world organization’s experience migrating a mission critical app to containers and how impacted their security approach

Bio: In his role at Twistlock, Keith tells the story around how enterprises can leverage the company’s cloud native cybersecurity platform to secure their modern applications. Previously, Keith was in charge of product marketing at NowSecure, helping enterprises integrate mobile application security testing into their development pipelines and identify critical vulnerabilities via penetration testing. In his free time, he is a landscape and street photographer.

Posted in Past Presentations | Comments Off on March 13, 2019 Chapter Meeting: Container Security

ISSA Portland: ½ Day Hackathon

When: March 21, 2019 8:30am to 1:30pm

Where: Salesforce | 2035 NE Cornelius Pass Rd | Hillsboro, OR 97124

A complimentary coffee bar, breakfast snacks and lunch will be provided.

We are partnering again with Security Innovation to provide an immersive hands-on hacking experience for our February 2019 ISSA symposium. 

Compete against your fellow ISSA Portland members and guests in a contest of hacking skills to attack and breach the “Shred Retail” site.

This event will provide value for everyone from a non-coder with zero hacking experience to a seasoned penetration tester. There are challenges for all skill levels and interest built into the site and we will have expert help on hand to help anyone who wants it.

Those registering for the event will be provided with a complimentary code for 30-day access to the Security Innovations OWASP 2017 Series training. Course details can be found here:

This code will be provided at least 14 days prior to the event.

Amazon gift cards will be given for:

  • Highest score – $100
  • Runner up – $50
  • Hardest vulnerability – $50
  • First vulnerability – $25

You will need to bring a laptop with the following:

Many thanks to Salesforce for the coffee bar and for hosting this event.

Snacks and lunch are sponsored by:

Posted in Past Presentations | Comments Off on ISSA Portland: ½ Day Hackathon

Holiday Social & Panel Discussion: Managed Security Services Update

Our holiday social will be Wednesday, December 19th from 5:30PM to 8:00PM at Rock Bottom Brewery in downtown Portland.  

We will be holding a panel discussion on managed security services.  This is a great opportunity to gain an understanding of the market for security service providers, what they offer, how they function as a component in your security program and current trends in service offerings.

Please register using the calendar widget.

Panel Participants:

Andy Riley, Chief Technology Officer, GBprotect Inc.

Mr. Riley is a US ARMY veteran and results-oriented security and privacy leader with a record of success directing leading-edge IT security initiatives. Mr. Riley leads the development and management of security services offerings at GBprotect and has over 10 years’ experience delivering hosted IT services.   Prior to joining GBprotect, Mr. Riley held leadership and senior consulting roles with organizations including: The Bill and Melinda Gates Foundation, Public Consulting Group, and State of Washington.

Jesse Nine, Symantec Senior Systems Engineer, Cyber Security Services

Started his career in technology at a local computer shop in Eugene back in ‘95 and got hired on at Symantec in 1999.   Spent much of his years at Symantec working with large enterprise and government customers supporting flagship products (SAV/SEP, SSIM).  Now ply’s his trade as an Senior System Engineer for Symantec’s Cyber Security Services group which includes Symantec’s 14-year, Gartner Magic Quadrant-leading Managed Security Services.

Bowe Hoy, VP Sales, Sword and Shield

This event is sponsored by Symantec.

View Map

Posted in Past Presentations | Comments Off on Holiday Social & Panel Discussion: Managed Security Services Update

November 29th, 2018 Chapter Meeting: Symposium: Identity Governance and Access Management

When: Thursday, November 29th, 2018 from 8:00AM to 1:00PM, (Morning pastries and lunch provided . . . )

Where: Salesforce Offices, 2035 NE Cornelius Pass Rd, Hillsboro, OR 97124

CPEs: 4             This event sponsored by Saviynt.

8:00AM – 8:45AM Networking and Introductions

Session 1: 8:45AM – 9:40AM

Title: “Keeping Pace with the Trajectory of IGA Evolution”

Presented by Diana Volere, Principal Solution Architect with Saviynt

Synopsis: Positive identification and granting of permissions is an old, old problem, but one which continually grows ever more complicated yet ever more necessary. The pressure of compliance regulations, the massive scale of the cloud and the Internet of Things, and the increasing sophistication of attacks are all driving a need to look at Identity Governance and Administration (IGA) in new ways. We’ll touch on the history and explore the current state of capabilities in the space of identity governance, and then prognosticate the directions and challenges to come.

Speaker Bio: Diana Volere has been a professional in security, identity and access for almost twenty years. She has spent time in delivery and pre-sales for leading vendors Novell, Oracle and ForgeRock, as well as consulting with Edgile. Diana has architected and driven sales of solutions for global Fortune 500 companies and focused on several industry-specific verticals, with an emphasis on healthcare and financial. Her aptitude for translating complex technology terminology and capabilities to business value and language plays into her passion for bridging the gap between technology and business needs. Outside of work she loves travel, gastronomy, sci-fi and most other activities associated with being a geek.

Session 2: 9:45AM – 10:40AM

Title: “How to successfully deploy and manage cloud IAM solutions”

Presented by Baber Amin, CTO for West with Ping Identity.

Speaker Bio: Mr. Baber Amin works with Ping customers to develop and evolve their IAM strategy. Baber is also working on Ping’s M&A and ML/AI strategy. Previously, he was responsible for Ping’s solution offerings around OpenBanking, GDPR, Privacy, and Consent, product and solution go-to market and pricing strategy, and for solutions in Employee, and Consumer centric Identity and Access Management. Prior to Ping, Mr. Amin served as Senior Director of product management for IDaaS solutions at Oracle Corp. and CA Technologies and served as Director of Cloud Security with Novell Identity and Security. Mr. Amin is an author on several patents in software security, web caching and content distribution.

Session 3: 10:50AM – 11:45AM

Title: Three Challenges of Identity Security with Modern IT

Presented by Cameron Williams, CTO with OverWatchID

Synopsis: Modern IT environments have three major challenges with traditional identity security products. IT organizations evolved and embraced hybrid IT deployments and cloud services, traditional identity security vendors failed to evolve with them. Organizations are left vulnerable to privilege abuse, insider threats and external attackers. Find out if your organization is affected by these three challenges and learn how they can be prevented.

Speaker Bio: For more than 25 years, Cameron Williams has helped enterpise clients like IBM, Wells Fargo, Sony, BP, and dozens others keep their data safe and secure from data breaches, hacks, ransomware, and spear-phishing. As OverWatchID’s CTO, Cam leads all product design and product development, and is responsible for ensuring that that the company’s cloud-based converged identity security platform is meeting existing and future threats to identity security. Prior to co-founding OverWatchID, Cam held senior positions with InteliSecure, Juniper Networks, Pulse Secure, Virtela Technology Services, IBM, and MCI. Cam studied computer science at North Carolina State University and pre-med at Penn State University. Cam lives in Denver with his daughter Alaura and dog Zoe. He is a competitive Ironman and is an internationally ranked parathlete.

Lunch Break 11:45AM – 12:15PM

Session 4: 12:15PM – 1:00PM

Panel Discussion


Posted in Past Presentations | Comments Off on November 29th, 2018 Chapter Meeting: Symposium: Identity Governance and Access Management

October 18, 2018 Chapter Meeting: Panel Discussion: Tracking the Cyber Threat Landscape

When: Thursday Oct 18, 2018 from 11:30 AM to 1:00 PM  (Lunch will be provided…)

Where: Columbia Square Bldg., 111 SW Columbia, 8th floor conference room – Portland, OR 97201

Topics to include:

  • Quarterly update
  • Trends in threat intelligence
  • The role of AI in malware detection
  • Defense in depth techniques
  • Cloud defenses 

Panel Participants:

Brian Ventura, Security Architect City of Portland

About the panelist: Brian is an Information Security Architect for the City of Portland and a SANS Instructor. Brian volunteers with the ISSA Portland chapter as the Director of Education and with OWASP locally. Over the past 25 years, Brian achieved, holds, and now teaches various industry certifications including CISSP, GSEC, GCIH, GCFA, and GCCC. In addition to his Information Security persona, Brian is a member of the Timbers Army and Thorns Riveters, attending as many games as possible. Find Brian’s teaching schedule:

Cameron Naghdi, Systems Engineering Manager, Malwarebytes

About the Panelist: Cameron Naghdi is the Systems Engineering Manager for US-West at Malwarebytes. Cameron has worked for multiple endpoint technology firms and has supported many vertical markets from retail and healthcare up to Federal/Civilian agencies and the Department of Defense. Cameron is also on the technology advisory board of 802Secure and is Co-Founder and CTO at FilecheckIO. Cameron specializes in understanding the threats of today and  how to prepare solutions to address both today’s and future security challenges.

Chris Sestito, Director of Threat Research, Cylance

About the panelist: Chris Sestito manages the Cylance Threat Research Team, which consists of 30 researchers dedicated to data-science-based analysis and automation development. Chris is based in Austin, Texas and is an eight-year veteran in information security with a wealth of experience in malware analysis and malvertising that helps ensure the security of Cylance customers. Chris also holds Sec+ and C|EH certifications.

Craig Schippers, Principal Field Engineer, Trend Micro

About the Panelist: Craig Schippers is a CISSP Certified Principal Field Engineer at Trend Micro. He has worked in the security industry for approximately 17 years, assisting customers with their Infrastructure Security needs. Craig lives in Portland, Oregon.


Christopher Paidhrin, CISO, City of Portland and ISSA Portland Vice-President

About the moderator: Christopher Paidhrin, is the Chief Information Security Officer for City of Portland, Oregon. For the past 17 years Christopher has been a nationally recognized healthcare Information Security authority, having received recognition, nominations and awards for service excellence, including Network World, ISE, SC Magazine, and Information Security magazine’s 2011 “Security 7” Award. Christopher is a regular media consultant and presents at numerous events across the U.S. Christopher is an advocate of IT Service Management (ITSM) best practices and process improvement, including learning organizations and knowledge management.


This event is sponsored by: Malwarebytes and Trend Micro

Posted in Past Presentations | Comments Off on October 18, 2018 Chapter Meeting: Panel Discussion: Tracking the Cyber Threat Landscape

September 2018 Chapter Meeting: DNS’s Role in Securing your Network

When: Sept 20, 2018 from 11:30 AM to 1:00 PM  (Lunch will be provided…)

Where: Columbia Square Bldg., 111 SW Columbia, 8th floor conference room – Portland, OR 97201

Please register using the calendar widget at right.


Your network is the gateway to the world. Unfortunately, protecting your network from evolving threats is more difficult than ever. Device proliferation, BYOD, Internet of Things, virtualization, hybrid cloud adoption—all are crucial trends that enhance business performance. But they also add complexity and increase the attack surface. DNS is an essential component of network connectivity, but it has emerged as a significant threat vector for malware command and control, DDoS attacks, and data exfiltration. Even as your network modernizes and gains valuable new capabilities, threats multiply exponentially. During this session, learn more about DNS, threats to DNS infrastructure, and different methods to address these threats.

About the Speaker:

Kevin Zettel is a security-focused Technical Marketing Engineer who works with Infoblox to lock down the DNS and secure it for enterprises. Kevin knows that security is the center focus of companies and believes that without security, industries will unquestionably fall apart. Kevin has worked with the Infoblox Security Ecosystem to manage many security vendors such as McAfee, Cisco, ServiceNow, Aruba, and many others. He knows the security landscape and sees the necessity and demand that businesses have to secure their capital. With a degree from Central Washington University and an education in programming, Kevin has the technical know how to get secured.

Posted in Past Presentations | Comments Off on September 2018 Chapter Meeting: DNS’s Role in Securing your Network