October 17, 2017 at 6:30 PM

Cyber Career Paths

Interested in a Cyber Career? Get career advice and insights from a panel of successful Cybersecurity Professionals. The ISSA National Capital Chapter is hosting a Cyber Career Panel as part of TechScoop's DC CyberWeek.


Abstract
Whether you are a senior cyber security expert or just starting your career in cyber, you will benefit from this event. More senior professionals are encouraged to bring their protégés. The session will last approximately 90 minutes and will begin with a brief Chapter introduction and housekeeping, followed by a moderated discussion and Q&A.

Here is a sampling of issues our moderator will cover:

• Brief panelist introduction/bio
• How did you get into cybersecurity?
• What does a typical day look like?
• What certifications and courses do you think are valuable?
• What skills and attributes do you think are most needed in the field?
• What do you look for when hiring?
• What advice would you give a student who wants to be successful in this field?

Moderator
Tyrone Wilson, President of Cover6 Solutions, Organizer of the D.C. Cyber Security Professionals and Breaking Into Cyber Meetup groups, and Virtual CISO.

Panelists
Eric Mill, Senior Advisor, U.S. General Services Administration's Technology Transformation Service (pending Agency approval)

Loren Schwartz, IT Audit Partner, Cotton & Co.

Michael Misumi, CIO, JHU Applied Physics Laboratory

Vu Nguyen, Acting CISO, US Citizenship and Immigration Services

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, October 17, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005


Speaker bios

Eric Mill, Sr. Advisor, TTS/GSA, has been an integral force in moving the digital security discussion into the minds of public servants across the government. He was the driving force behind M-15-13, which requires federal websites to use HTTPS. He leads the “Security-today” listserv, in which the community discusses vulnerabilities, solutions, new technology capabilities, and other cybersecurity-related issues. He was also a main component of the government's recent adoption of bug bounties, which have proved extremely valuable to the Pentagon and others. Eric is a true gem in this field, and we are all lucky to have him in public service.
Eric was just nominated for a FedScoop 50 award.

Mr. Michael Misumi became the Chief Information Officer of the Johns Hopkins University Applied Physics Laboratory on January 3, 2008. In addition to serving as the CIO, Mr. Misumi is a Department Head leading a 350-person department that manages IT applications and infrastructure for APL, while also serving on the front lines of cyber-protection, securing APL networks from hackers and other outside threats. As the nation’s largest University Affiliated Research Center (UARC), APL performs research and development on behalf of the Department of Defense, the intelligence community, the National Aeronautics and Space Administration, and other federal agencies. The Laboratory has more than 6,000 staff members who are making critical contributions to a wide variety of nationally and globally significant technical and scientific challenges. Prior to joining APL he was at the RAND Corp. in Santa Monica, Calif., where he was Deputy CIO. He led the operational Cyber Strategy development and has over 20 years’ experience in developing information technology strategy, security operations, project portfolio management, network operations, data center operations, desktop administration and personnel management. Mr. Misumi is the APL Cyber Response Incident Lead and has led a Cyber Security review of all Johns Hopkins institutions. In addition to his APL responsibilities, he leads the Navy UARC Cyber Security Task Force, serves on the US Strategic Command’s (USSTRATCOM) Strategic Advisory Group (SAG) IT Task Force and the Computer Advisory Committee for Oak Ridge National Laboratory, and is a Board Member for the Howard County School System Cyber Security program. Mr. Misumi earned a BA and MBA from the University of California, Los Angeles.

Loren Schwartz joined Cotton & Company in May 2002 and was elected a partner in April 2003. He has more than 20 years of diversified information system audit, financial and operational audit, privacy, and risk management consulting experience. He directs many of Cotton & Company’s major information technology reviews and audits. Mr. Schwartz’s experience includes directing and participating in a wide range of system reviews, Federal Information Security Management Act/Federal Information Security Modernization Act (FISMA) audits, financial statement audits, process re-engineering improvement projects, and audits of internal management controls of automated information systems. He has directed projects with clients ranging in size from start-up entrepreneurial organizations to Fortune 500 organizations. His industry experience includes both commercial and governmental clients. Mr. Schwartz has also conducted speaking engagements for well-known industry organizations on a variety of topics related to information technology. Mr. Schwartz holds a Bachelor of Science in Accounting from Virginia Polytechnic Institute and State University. He is a Certified Public Accountant (CPA), a Certified Information Systems Security Professional (CISSP), and a Certified Information Systems Auditor (CISA). He is also an active member of the American Institute of Certified Public Accountants (AICPA) and the Information Systems Audit and Control Association (ISACA) (Washington, DC Chapter). In addition, Mr. Schwartz is a Board Member at the Ronald McDonald House Charities of Greater Washington, DC.

Vu T. Nguyen is currently serving as the Acting Chief Information Security Officer (CISO) for U.S. Citizenship and Immigration Services. His responsibilities include providing direction and oversight to all USCIS cyber security initiatives as well as ensuring the FISMA compliance of USCIS systems and programs.
Prior to joining USCIS, Mr. Nguyen served as the Director of the Federal Information Security Modernization Act (FISMA) Compliance and Metrics Division in the DHS Office of the Chief Information Security Officer. In this role, he was responsible for ensuring department-wide compliance with FISMA and other legislative mandates. He established department-wide compliance reporting metrics to evaluate and mitigate DHS IT security vulnerabilities and ensure the integrity and accountability of all information systems.
Mr. Nguyen also served as the Chief of the DHS Enterprise Security Operations Center (ESOC) from 2014 to 2016. During his tenure, Mr. Nguyen led several major cybersecurity operations and enhanced the overall maturity and efficacy of the ESOC by bolstering its network monitoring and analysis, vulnerability assessment, security engineering, and incident response capabilities.
Mr. Nguyen has also held supervisory positions in the U.S. Customs and Border Patrol and U.S. Department of Commerce security operations centers. He has also supported the Homeland Security Advisory Council Cyberskills Task Force as a subject matter expert in cyber threat analysis and response.

September 19, 2017 at 6:30 PM

ISSA National Capital Chapter September meeting topic:

DevSecOps - automating security testing
by Naresh Patel of OPTIMOZ

Abstract
The wide adoption of cloud has continued to change the way we develop and deliver quality software. Automated continuous integration pipelines have helped us deliver quality applications faster, which has allowed many organizations to modernize their applications continuously, with no more separate modernization projects. Recently, we have started adding security testing within the automated CI pipeline to bring security concerns closer to development, addressing them much earlier in the software development life cycle by sharing the security responsibility with the development team. We will talk about how this is done effectively in the pipeline to practice a true DevSecOps mindset.

About the Speaker
Naresh Patel, President of OPTIMOZ, is a serial entrepreneur and technologist. He focuses on the delivery of Agile DevSecOps solutions that lean heavily on the public cloud. OPTIMOZ enables enterprises and federal agencies to accelerate the development and delivery of applications that engage customers and drive revenue. OPTIMOZ specializes in all aspects of cloud computing, DevSecOps (CI/CD), application development, systems integration, system administration, database administration, data warehousing and information security. Prior to founding OPTIMOZ, Mr. Patel co-founded GetHired.Com, a successful Silicon Valley based company. He founded OPTIMOZ to share his passion for Agile DevOps development and his start-up experience with commercial enterprises and federal agencies. OPTIMOZ is an Amazon AWS Advanced Consulting Partner.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, September 19, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005

August 15, 2017 at 6:30 PM

ISSA National Capital Chapter August meeting topic:

Securing Microservices
by Jack Mannino

Abstract
Microservices offer a lot of benefits for deploying large-scale applications, but implementing a secure architecture that scales over time can be challenging. Services are highly decoupled from each other as well as from the producers and consumers of data moving throughout the architecture. Data contracts between services are often blurry, and data sharing between microservices requires careful consideration of access patterns and boundaries between related services. New services come, new services go. Some are deployed to containers, some to servers, and some are serverless. Your developers, data scientists, and infrastructure team are all empowered to move quickly and ship new services. Your job is to make sure all of the above happens in a secure and sane way.

In this presentation, we will discuss the challenges with securing microservices and present solutions to make security a seamless and frictionless part of scaling your architecture. Using real-world examples of successes and failures while building a microservice architecture, we will discuss what translates well from monolithic design to microservices, and the bad habits you should leave behind. At the end of this presentation, you’ll understand what separates microservices from traditional monolithic applications and understand the problem space from a secure architectural perspective.

About the Speaker
Jack Mannino is the CEO and founder of nVisium, a technology company focused on making secure development scale. Passionate about technology and solving problems, his expertise spans over 15 years of building, breaking and securing software. Jack founded nVisium in 2009 to invent, test and provide new and more efficient methods of protecting software. He has spoken at conferences globally on topics including software security architecture, mobile application security, and DevOps.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, August 15, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005

July 18, 2017 at 6:30 PM

ISSA National Capital Chapter July meeting topic:

Derived Personal Identity Verification (PIV) Credentials
by David Coley of Intercede

Abstract
Derived credentials have been a technical option on mobile devices for over a decade, yet the deployment and ultimate usage of Derived PIV Credentials (DPC) is a relatively recent innovation for agencies. The NIST framework outlining the use of DPC, Special Publication 800-157, was released in December 2014. It defines the administrative process required to ensure a user can prove possession of a valid Personal Identity Verification (PIV) card prior to the issuance of a new PKI credential for use on mobile devices or other platforms that don’t easily support a PIV card and associated reader. To date, many agencies have not engaged closely with NIST and the Federal Identity, Credentialing, and Access Management program to align internal policies and move forward with DPC. As a result, the U.S. Government either continues to rely on username and password or has forgone access to business and mission applications from mobile devices lacking built-in or attached smart-card readers.

The ATARC Mobile Identity Management project team, a collection of industry and government members, found that while the creation and issuance of DPC is relatively well understood, issues associated with credential storage and management, as well as PKI enablement of service providers (aka relying parties, web servers, mobile APIs), remain a significant hurdle to mobile enablement and use.

In this talk, learn a bit more about the obstacles facing the US Government in the deployment and use of derived PIV credentials and the guidance offered by the ATARC team for accelerating their use.

About the Speaker
David Coley is a Senior Solutions Engineer at Intercede, a cybersecurity company specializing in enabling digital trust in a mobile world. David has worked in the mobile and security fields for over 20 years educating executives and technical teams on the use of mobile technology to increase workforce flexibility. His emphasis has been on U.S. Government customers and the wide-ranging missions they support.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, July 18, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005

May 16, 2017 at 6:30 PM

ISSA National Capital Chapter May meeting topic:

Threat Rover: Go Beyond. Achieve 361° Threat Visibility of the Enterprise
by Inno Eroraha of NetSecurity® Corporation

Abstract
Neutralizing today’s advanced attacks requires an enterprise to identify its assets and to have a complete grasp of these assets. Vendors offer solutions from signature, behavior, machine learning, and artificial intelligence approaches to achieve enterprise protection and to counter the emerging threat problem. Are current technologies in this realm providing the needed 361° threat visibility, and do these technologies prevent attacks with high fidelity?

Protecting today’s assets from advanced cyber-criminal elements and from determined insider threat actors requires more than just perimeter protection or the classic “people, process, technology” paradigm. To stay ahead of these determined adversaries, solutions must go beyond and must dive deeper to detect threat activities wherever the data, information, system, or device may live. “Threat Roving” is a term we’ll use in this presentation to denote an integrated approach to neutralize cyber threats with basic primitives – threat intelligence, analytics, detection, response, prevention, investigation, and hunting – to protect against the next ransomware or other sophisticated attack and to gain situational awareness of the threat landscape. It is with acute visibility that we can predict and defuse attacks at the source.

About the Speaker

Inno Eroraha is the Founder and Chief Strategist of NetSecurity® Corporation, a computer forensics, cyber security and training company based in Dulles, Virginia, USA – in the Washington, DC Metropolitan area. His main responsibility is to position NetSecurity as “the brand of choice for forensics, security, and training,” by delivering innovative, high-quality, timely, and customer-focused solutions. Mr. Eroraha oversees NetSecurity’s day-to-day operations, including the proprietary HANDS-ON HOW-TO® training program, THREATRESPONDER™ platform, and the state-of-the-art NETSECURITY FORENSIC LABS. He leads the execution of NetSecurity’s solutions and helps clients protect, defend, and recover valuable assets from the most advanced cyber attacks. He has been consulted by Fortune 500 companies, financial institutions, law firms, government entities, and other premier organizations. Among other hands-on responsibilities, he leads penetration testing exercises, cyber operations, data breach investigations, and real-world training.

Before founding NetSecurity, Mr. Eroraha was a senior manager of information security at VeriSign, Inc. In this capacity, he led the implementation of solutions to protect critical Internet infrastructures. As an advocate, he significantly heightened security awareness among internal and external stakeholders and key decision makers. Inno Eroraha also worked at Network Associates (now McAfee), Trusted Information Systems, Smartronix, SAIC, and other consulting firms.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, May 16, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005

June 20, 2017 at 6:30 PM

ISSA National Capital Chapter June meeting topic:

The Payments Ecosystem: Security Challenges in the 21st Century
by Phil Smith III of HPE Data Security

Abstract

Credit and debit cards—whether they use magnetic stripes, EMV (“chip” cards), or near-field communication—are well-established in world commerce, and the majority of enterprises process them in some part of their operations. But how does this ecosystem really work? What are its vulnerabilities and security gaps, and how can we defend them? And what do mobile payments systems, bitcoin and its clones, and other innovations mean for the future?

As story after story in the press has demonstrated, simply keeping your physical card secure is no longer sufficient—and neither is protecting the IT perimeters of card processing systems. Millions of card numbers have been breached at all layers of the system, despite companies’ best efforts to secure at a system level. The Payment Card Industry Data Security Standard (PCI DSS) lays down excellent guidelines to help secure data, but many breaches have occurred despite passing PCI DSS compliance assessments.

Come learn about how the threat landscape is evolving, what the attackers are doing, and how merchants and processors are reacting to stay ahead of the attackers.


About the Speaker
Philip Smith III is Senior Product Manager and Architect, Mainframe and Enterprise, at HPE Data Security. He has spent over 35 years doing and managing software support/development. Phil also creates technical reference books, contributes to trade journals, speaks at SHARE and local user groups, and tracks IBM evolution.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, June 20, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005

April 18, 2017 at 6:30 PM

ISSA National Capital Chapter April meeting topic:

A King’s Ransom: Why Ransomware is Winning and How We Can Turn the Tide
by Michael Sutton of Zscaler

Abstract

Ransomware has exploded to become one of the most profitable tools in the attacker’s toolkit. Why? While ransomware has actually been around for more than two decades, the financial success of CryptoLocker, along with the emergence of anonymous payment schemes, led to its resurgence in 2013. While Operation Tovar killed off CryptoLocker, this only spawned a variety of copycat malware families following a similar pattern of leveraging public key encryption to hold personal files hostage until a ransom is ultimately paid. Attackers have managed to hit a sweet spot by targeting valuable data with financial or sentimental value, while setting a price point that individuals and corporations seem willing to pay. This, combined with poor data backup practices and ineffective endpoint security, has made ransomware a lucrative and growing market. As attackers have realized the potential of this weapon, they have moved beyond opportunistic attacks to target corporations and are now demanding significant payments well beyond the ransom demanded from individuals…and the companies are paying.

Combating ransomware requires a combination of dynamic analysis of the quickly morphing binary payloads and associated network traffic and exploiting the mistakes that have been made by the malware authors. Monitoring ransomware families over the years, we have noted interesting trends both in the techniques utilized by the families tracked and also where they are achieving success. Despite being generic in nature, certain malware families have reaped greater damage in specific global regions. The reasons for this involve a combination of attack techniques and human psychology. In monitoring the impact of ransomware on over 5,000 enterprises, we have also noted unintended, but predictable behaviors that can aid in identifying and defending against the threat. Our research has shown that binary analysis of ransomware is only half the battle. An effective defense must also incorporate network traffic analysis to proactively identify the infrastructure used to facilitate the cycle of infection and extortion.

In this talk, we will address the evolution of ransomware and focus on specific case studies to demonstrate and reveal the unique traits leveraged by specific families. We will discuss solutions which have proven highly effective in combatting ransomware. We will also peer into the crystal ball and leverage the expertise that we’ve gained in observing thousands of ransomware variants to predict where this threat is headed next.

About the Speaker

Michael Sutton has dedicated his career to conducting leading-edge security research, building teams of world-class researchers and educating others on a variety of security topics. As VP, Security Research, Sutton heads ThreatLabZ, the research and development arm of Zscaler. ThreatLabZ is responsible for researching emerging topics in web security and developing innovative security controls, which leverage the Zscaler in-the-cloud model. He is a published author, frequent speaker at major security conferences and is regularly quoted in the media. Prior to joining Zscaler, he was the Security Evangelist for SPI Dynamics (acquired by HP) and the Research Director at iDefense (acquired by VeriSign).

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, April 18, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005

March 21, 2017 at 6:30 PM

ISSA National Capital Chapter March meeting topic:

Current State of Application Security
by Aravind Venkataraman

Abstract
Our presentation will center around the current state of application security; we will delve into new research of application security practices at over 75 companies. We will cover software security strategies and tactics used by your peers as they are practiced “in the wild”. Statistics from the real world will be balanced with war stories from the field to illustrate foundational principles of starting and sustaining programs, as well as “what not to do” gotchas that can kill an initiative in its tracks. We will then open up the floor for discussion where you can share your experiences and hear from your colleagues and peers.

About the Speaker
Mr. Aravind Venkataraman is a Managing Consultant at Cigital. He has over 9 years of experience in software security and network security. At Cigital (www.cigital.com), he has spent the past 7 years helping a number of Fortune 100 companies build and run software security practices. He has performed planning, advisory and operational roles in building such practices. He specializes in deploying static analysis programs. He has helped several organizations deploy and run static analysis capabilities of different sizes and shapes. He presently plays a technical leadership and program advisory role both for internal staff and clients based out of Washington DC.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, March 21, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

February 21, 2017 at 6:30 PM

ISSA National Capital Chapter February meeting topic:

Major Trends in Cyber Security
by Ron Gula

Abstract
Ron will discuss the three major trends in cyber security today: the quest to find intruders, the quest to protect networks and the notion of starting over with resilient systems. Ron will discuss the recent advances in detecting intruders, performing real-time compliance monitoring and re-designing computing environments to leverage resilient technologies such as cloud applications and containers.

About the Speaker
Ron Gula is the Founder and Chairman of Tenable Network Security. During the past fourteen years as CEO, Tenable Network Security has grown to more than 20,000 customers worldwide, revenues in excess of $100m in 2015, more than 650 employees operating in 10 different countries and close to $300m raised from private, government and angel investors. Ron has helped Tenable become the dominant vulnerability management company, and today organizations all over the world turn to Tenable to measure their compliance with standards such as PCI, FISMA, NIST and CIS. Ron began his career in information security while working at the National Security Agency conducting penetration tests of government networks and performing advanced vulnerability research. In the late 90s he pioneered the world of detecting hackers and botnets with the creation of the Dragon Intrusion Detection System, which was acquired by Enterasys Networks and received industry acclaim from Gartner, SANS and Network Computing. Ron is a managing partner at Gula Tech Adventures, which focuses on seed investing in and advising cyber-security startups. Ron is currently working with several dozen companies on their product roadmaps and growth strategies.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, February 21, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005


January 24, 2017 at 6:30 PM

ISSA National Capital Chapter January meeting topic:

Cyber Risk – How DHS is Clarifying its Vision through the Continuous Diagnostics & Mitigation (CDM) Dashboard
by Matt House

Abstract
Agencies face increased pressure to mature their cyber practices, but often lack sufficient resources to properly address the ever growing backlog of actions required to stay ahead of sophisticated threats. The Federal Government lacks a comprehensive mechanism for reporting on and managing organizational and cyber risk in a consistent fashion. As the cybersecurity posture of agencies varies widely, there is no standardization in identifying, scoring, prioritizing, or reporting these risks. DHS’s Continuous Diagnostics and Mitigation program is a major effort to promote standardized cyber hygiene and cyber risk management throughout the .GOV domain. Central to CDM is the dashboard that serves as the scoring, prioritization, visualization, and reporting engine that gives Federal agencies the “easy button” to meet today’s strict compliance and cyber performance goals.

About the Speaker
Matt House is the Director of Cyber Security Services for InfoReliance, an IT consulting firm specializing in cybersecurity, cloud services, and software engineering. Matt is responsible for all service delivery for InfoReliance’s Cyber Business Unit, which has annual revenues of approximately $50M. Within this portfolio, InfoReliance supports US Government customers including the Department of Homeland Security (DHS), US Army, US Navy, many Federal/Civilian agencies, as well as numerous commercial customers. Matt directly supports several critical cybersecurity programs within DHS such as the Continuous Diagnostics and Mitigation (CDM) Dashboard, National Cyber Protection System (also known as EINSTEIN), and the Cyber Assurance program at the Naval Surface Warfare Center in Dahlgren. Previously, Matt led the effort to deploy cloud services to the National Nuclear Security Administration (NNSA) and supported the Office of the Chief Information Officer at the Executive Office of the President.


Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, January 24, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005


December 13, 2016 at 6:30 PM

The ISSA National Capital Chapter has partnered with the SANS Institute again this year to offer exclusive access for its members to SANS@Night events at Cyber Defense Initiative 2016. The chapter meeting will take place at Grand Hyatt Washington on Tuesday, December 13, 2016.

Please note that the event is free but you must RSVP at least 24 hours before the event so we can have your badge ready for you. 

The chapter members and their guests will have access to the following events:

6:15pm - 9:15pm
Special Event - Women's CONNECT Event
Hosted by SANS COINS program and ISSA WIS SIG

6:30pm - 7:00pm
ISSA-DC: Announcement of 2017 ISSA-DC Board Election results

7:15pm - 8:15pm
SANS@Night - Security Awareness: Understanding and Managing Your Top Seven Human Risks
by Lance Spitzner

7:15pm - 8:15pm
Reception - (CS)2AI Reception: Control System Cyber Security Association International
Hosted by Derek Harp and Mike Assante

8:15pm - 9:15pm
SANS@Night - Analysis of the Cyber Attack on the Ukrainian Power Grid
by Robert M. Lee

8:15pm - 9:15pm
SANS@Night - Current and Future Trends in Digital Investigative Analysis
by Ovie Carroll

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, December 13, 2016 6:30 PM

Location Information

Grand Hyatt Washington
1000 H Street NW
Washington, DC 20001 US
Phone: 202-582-1234
Fax: 202-637-4797

November 15, 2016 at 6:30 PM

ISSA National Capital Chapter November meeting topic:

NIST Draft 800-63-3: What’s new, what’s the same, what’s radically different, when will we finalize, and what is YOUR feedback
by Paul Grassi

About the Speaker

Paul Grassi is the Senior Standards and Technology Advisor at the National Institute of Standards and Technology (NIST). He joined NIST in June 2014 to advance and accelerate the development and adoption of identity authentication and authorization related standards and technologies needed to implement the identity ecosystem envisioned in the National Strategy for Trusted Identities in Cyberspace (NSTIC).

Mr. Grassi comes to NIST with a broad background of technology and management consulting, and significant experience developing enterprise security strategies and systems, having served a range of Fortune 500 companies, as well as domestic and foreign governments.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, November 15, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

October 18, 2016 at 6:30 PM

ISSA National Capital Chapter October meeting topic:

Understanding Basic Physical Access Control, (PACS)
by Bill Stover

Abstract
We will speak briefly about the history of PACS and why it became a "must have" for most companies and government agencies: how it developed from card-centric to identity-centric, and where it is going, from Role Based Access Control (RBAC) to Back End Attributes (BAE) access control. This one-hour presentation will go over the purpose of PACS and the different architectures that are available, and we will discuss the pros and cons of access control. The information PACS systems are gathering is making PACS an integral part of the LACS system. As PACS has developed through the years, the physical equipment is no longer the key factor; the key factor is the information the PACS is gathering and what can be done with that information.

About the Speaker
William (Bill) Stover is the Director of Business Development – Federal Programs for SigNet Technologies, Inc. With over 34 years of experience in the electronic security industry focusing on ID management and Physical Access Control Systems, Mr. Stover has concentrated on identifying and meeting the needs of Federal Government agencies. He has developed FICAM APL certified solutions that avoid the need to replace legacy equipment while maintaining authentication and validation of the card and cardholder at the door, and several sustainment programs that provide ongoing FICAM compliance for existing systems. Mr. Stover continues to pursue the latest education on innovative technologies in ID management for logical and physical access control security solutions.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, October 18, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

September 20, 2016 at 6:30 PM

ISSA National Capital Chapter September meeting topic:

Understanding the Federal IT Security Professional (FITSP)
by Jim Wiggins

Abstract
The Federal IT Security Institute (FITSI) is a non-profit organization managing and administering a role-based certification program known as the Federal IT Security Professional (FITSP). This credential is for Managers, Designers, Operators, and Auditors of Federal IT systems. By earning the FITSP credential, candidates demonstrate an in-depth knowledge of Federal IT security management, operational, and technical control requirements and the best means by which to validate their proper installation and operation.

FITSP measures candidates based on standards and guidelines promulgated by the National Institute of Standards and Technology (NIST) and other relevant Federal statutes and regulations. Collectively, these Federal documents comprise a special Federal Body of Knowledge (FBK) for the IT security workforce.

Mastery of the FBK provides a detailed framework for synergistically applying the technical knowledge and expertise acquired through other security certifications. Through certification as a Federal IT Security Professional (FITSP), military, civilian, and contractor personnel demonstrate their understanding of the interrelationship of Federal requirements that define the physical and logical security control objectives necessary to protect and defend Federal information systems.

The four FITSP certification designations - Manager, Designer, Operator, and Auditor - represent certification roles from the FBK that are specifically tailored to fit the job requirements of every person in the Federal workforce who has significant IT security responsibilities.

This 1-hour presentation will provide an overview of the Federal IT Security Professional certification and the requirements for obtaining it. 

About the Speaker
Jim has over 18 years direct experience in the design, operation, management, and auditing of information technology systems, with the past 14 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients.

Additionally, Jim is the founder and executive director of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit organization that provides a role-based IT security certification program targeted at the federal workforce.

Jim is also the executive director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that runs the Wounded Warrior Cyber Combat Academy (W2CCA).

Currently as a contractor, Jim provides education and training support for the Federal Network Resilience Division at DHS and its Continuous Diagnostics and Mitigation program.

In 2011, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, September 20, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

August 16, 2016 at 6:30 PM

ISSA National Capital Chapter August meeting topic:

Enumerating software security design flaws throughout the SSDLC
by John Willis

PLEASE NOTE CHANGE OF VENUE 

Abstract
The security challenges we face today are numerous. Yet we just can’t seem to produce software without including countless security vulnerabilities. About one-third of all software security vulnerabilities are due to design errors. To further compound the problem, nonfunctional security requirements often do not get translated into real technical security design features, or controls. To make matters worse, security design features have their own dependencies. Bundle this with design errors that may or may not be uncovered through threat modeling, and it is no surprise that we have the perfect storm. Worse yet, any security functionality implemented to address nonfunctional requirements is unlikely to receive attention during testing. Unfortunately, if we don’t address these security design flaws, the testers may never notice anyway!

A methodology and evolving mock-up/prototype is introduced to address these problems. A graphical tool that is SysML compatible is the ultimate goal. The hypothesis is that by employing the above methodology/tool we should be able to establish order where there is currently chaos regarding the identification and satisfaction of security requirements, not only in the solution space—but throughout the SSDLC as well.

About the Speaker
John M. Willis is a Senior Information Security Architect with a history of electronics engineering, programming, and configuration management. John’s first computer was a wire-wrap Z80 board he programmed in assembly.

John has been a consultant to commercial and government clients for over 30 years. He holds a number of professional certifications, including CISSP-Information Systems Security Architecture Professional (CISSP-ISSAP), Certified Secure Software Lifecycle Professional (CSSLP), and Certified Ethical Hacker (CEH). In addition, John completed the Advanced Computer Security Professional Certificate program at Stanford University in 2015. Nowadays, John seeks to build security in by coming up with new and different ways of looking at things.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, August 16, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

July 19, 2016 at 6:30 PM

ISSA National Capital Chapter July meeting topic:

Targeted Ransomware Attacks
by Jason Rebholz

Abstract
Ransomware started out as a nuisance and has grown into a pandemic. Companies everywhere are struggling to keep pace with the constantly evolving threat of losing their data. In a recent trend, opportunistic ransomware attacks have evolved into targeted attacks that have resulted in the deployment of ransomware to hundreds of systems. These targeted ransomware attacks have crippled companies and forced them to pay thousands of dollars in ransom money just to stay in business. This presentation will cover a short history on the evolution of ransomware and discuss in detail what happens during a targeted ransomware case – from the initial compromise through file encryption. Furthermore, the talk will cover lessons learned from numerous targeted ransomware cases so that you may avoid being the next victim.

About the Speaker
Jason Rebholz is a Director in The Crypsis Group’s McLean, Virginia office. As a Director, Mr. Rebholz oversees the professional services that Crypsis provides its clients and manages incident response investigations. Mr. Rebholz has led incident response investigations that involved multiple threat actors including financially motivated attackers, organized crime, nation-state threat actors, and hacktivists. He has worked across numerous industries including the defense industrial base, financial industry, healthcare industry, Fortune 100 companies, and law enforcement.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, July 19, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

June 21, 2016 at 6:30 PM

ISSA National Capital Chapter June meeting topic:

INVESTING IN CYBERSECURITY
by Lawrence A. Gordon

Abstract
Cybersecurity is fundamental to the survival of organizations in our interconnected digital world. Accordingly, a key question that must be addressed by organizations is: How much should an organization spend on cybersecurity activities and how should those funds be allocated? The objective of the talk by Dr. Lawrence A. Gordon, EY Alumni Professor of Managerial Accounting and Information Assurance at the University of Maryland's Smith School of Business, is to discuss how the Gordon-Loeb Model for Cybersecurity Investments can be used to help organizations answer the above question. Details underlying his talk can be found in his recent coauthored paper at: http://file.scirp.org/pdf/JIS_2016032315382494.pdf.

About the Speaker
Dr. Lawrence A. Gordon is the Ernst & Young Alumni Professor of Managerial Accounting and Information Assurance at UMD’s Robert H. Smith School of Business, and an Affiliate Professor in the UMD Institute for Advanced Computer Studies. He is also an active participant in the Maryland Cybersecurity Center, a new research/education center at UMD. His Ph.D. is in Managerial Economics from Rensselaer Polytechnic Institute. He is the author of more than 90 articles, published in such journals as ACM Transactions on Information and System Security, Journal of Computer Security and The Accounting Review. He is the author of several books, including Managing Cybersecurity Resources: A Cost-Benefit Analysis, and is the Editor-in-Chief of the Journal of Accounting and Public Policy. In 2007, Dr. Gordon provided Congressional Testimony on cybersecurity economics before a Subcommittee of the U.S. House Committee on Homeland Security. He is a frequent speaker at universities and professional meetings around the world, and has been a consultant to many major private and public sector organizations. Dr. Gordon’s former Ph.D. students are distinguished faculty members at many top universities in the U.S., Europe and Asia. In two authoritative studies, Dr. Gordon was cited as being among the world’s most influential/productive accounting researchers.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, June 21, 2016 6:30 PM

Government Publishing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

May 17, 2016 at 6:30 PM

ISSA National Capital Chapter May meeting topic:

Smartphone issues and data in Apps and the Cloud…or your next level of evidence
by Amber Schroader, CEO & Founder, Paraben Corporation

Abstract
Our smartphones are hiding a dirty little secret that not only leaves data for others to capture, but also leaves data for forensic evidence. This session covers common issues with smartphones when it comes to forensics, and also the security of these devices. We will go through existing flaws that can be exploited to capture data, passwords and keys associated with the most popular Android OS and Apple iOS devices.

About the Speaker
Throughout the past two decades Ms. Schroader has been a driving force for innovation in digital forensics. Ms. Schroader has developed over two dozen software programs designed for recovering digital data from mobile phones, computer hard drives, email, and live monitoring services. Ms. Schroader has taught and designed the established protocols for the seizure and processing of digital evidence that have been used by numerous organizations throughout the world. Ms. Schroader coined the concept of the “360-degree approach to digital forensics” and started the momentum and push toward the “Forensics of Everything (FoE)” with her focus on unique problems and solutions in digital evidence. Ms. Schroader has been a major industry influence in pushing for a big-picture consideration of digital evidence and of the acquisition process and analysis techniques used. An accomplished curriculum developer and instructor, Ms. Schroader has written and taught numerous classes for this specialized field as well as founded multiple certifications. Ms. Schroader continues her support through book contributions and other industry speaking engagements.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, May 17, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

April 19, 2016 at 6:30 PM

ISSA National Capital Chapter April meeting topic:

Cyber Security Management – An analytics-based approach
by Krishnamurthy Krithivasan of OEQ, Inc.

Abstract
The two most discussed domains today are Cyber Security and Data Analytics. The presentation will focus on using data analytics as an enabler for effective cyber security management.

About the Speaker
Krish has around two decades of experience delivering technology-enabled business solutions to large federal and commercial organizations. Krish was instrumental in building the Business Intelligence, Analytics and Reporting practices at Ernst & Young LLP and at PricewaterhouseCoopers LLP. Krish is currently the CEO of OEQ, Inc., an analytics and technology startup based in Reston, VA.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, April 19, 2016 6:30 PM

Government Publishing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

March 15, 2016 at 6:30 PM

ISSA National Capital Chapter March meeting topic:

Cloud Breaks Traditional Security
by Rich Gardner, Director of Sales Engineering, CISSP, CISM, CGEIT, CloudPassage

Abstract
The rapid adoption of Infrastructure-as-a-Service, rise of DevOps and use of containers all have put a huge strain on InfoSec teams. Traditional security tools don't work well with the new infrastructure and development paradigms, dragging down speed and agility. Join us to learn how companies have automated and orchestrated security to align the needs of all the stakeholders: security, development and operations.

About the Speaker
With 20+ years of Information Technology experience, Rich Gardner has focused on Information Security for the past 15 years. Rich comes to CloudPassage with a wealth of experience and a fresh perspective on solving the people, process and technology challenges of Information Security. Previously, working at a number of carriers, Rich was involved in executive consulting, security architecture and pre-sales engineering. Throughout his career in IT, Rich has been exposed to Fortune 500 companies ranging from major broadcast networks to global financial enterprises.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, March 15, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

February 23, 2016 at 6:30 PM

ISSA National Capital Chapter February meeting topic:

Safeguarding Our Data – DevOps Friend or Foe
by Joseph Santangelo

This meeting is brought to you by Delphix.

Abstract
Organizations are under increasing pressure to perform. The environment they are working in has become more complex and more chaotic. Multiple internal masters all have a stake in the workings of Information Technology. External cops and robbers are both forcing organizations to reinvent themselves and look at new ways of doing things. DevOps is a new way of working which fosters collaboration instead of confrontation. The DevOps approach gives developers more control while making infrastructure personnel more aware and understanding of the application landscape. The use of specialized tools and the implementation of Service Based IT is crucial to meeting goals in an environment where things are moving faster and faster. But it is not clear that this new way is right for all organizations and all implementations. There can be dangers in using this approach: done badly, DevOps can create more problems and lead to serious security concerns. And what about Security? Is Security an afterthought in DevOps? Are there DevOps techniques that Security personnel can leverage? And what about tried and true security practices: do they fit in with the DevOps movement?

About the Speaker
Joseph Santangelo has been a technology professional for over 20 years and has a Master of Science degree from Stevens Institute of Technology. Joseph has focused on Privacy and Security throughout his career, with a heavy emphasis while he was CIO of the Citi Private Bank in the Americas. In his current role at Delphix Corp, much of his focus is on securing private data and establishing Risk, Governance and Compliance frameworks. Specific areas of focus include testing for interoperability purposes. Joseph is a member of the Society for Information Management (“SIM”), the Information Systems Security Association (“ISSA”) and the Healthcare Information and Management Systems Society (“HIMSS”), where he was chairman of the Privacy and Security Toolkit Task Force.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, February 23, 2016 6:30 PM

Government Publishing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

January 19, 2016 at 6:30 PM

ISSA National Capital Chapter January meeting topic:

Cybersecurity Landscape in 2016

Abstract
Coming off of a year when “cyber risk” entered the lexicon of corporate boardrooms, CISOs and CIOs are recognizing the reality that a cybersecurity breach is inevitable. As 2015 comes to a close, Nick Son, Abel Sussman, and Dan Choi of Coalfire will discuss their top predictions for what will impact the cybersecurity landscape in 2016 and how the federal government and commercial providers will meet these challenges.

About the Speakers
Nick Son, CPA, CISSP, CISA, CISM, CIA - is Managing Director of Coalfire Federal. He leads the FISMA and FedRAMP solutions business serving U.S. Federal, state, local and commercial clients. Mr. Son has over 20 years of experience in information assurance and cybersecurity program management and legislative compliance. He is a subject matter expert in the areas of FISMA, FedRAMP and third-party reporting.

Abel Sussman, PMP, CISSP, CCSP - is the Director for Coalfire's Public Sector practice. For more than 18 years, Abel has been helping organizations implement new systems and transform stagnant programs. He is a nationally recognized industry expert and has presented on information security and cloud computing for the Federal Bureau of Investigation, the Department of Homeland Security, and the Department of Defense.

Dan Choi, CISSP, CISA, CISM - is a Director of Coalfire’s Public Sector practice. He leads the FISMA and FedRAMP assessments for companies and cloud service providers serving the federal government. Dan has over 9 years of experience leading information technology audits and security consulting services of governmental agencies and commercial clients performing FISMA, FedRAMP, and FISCAM reviews.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, January 19, 2016 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

October 20, 2015 at 6:30 PM

ISSA National Capital Chapter October meeting topic:

Mike Dombo

Abstract
Today, it is no longer a matter of if an organization will be impacted by a data breach, but rather when they will be hit. In many cases, personal, proprietary and otherwise sensitive data accessed from a data breach is sold and published on what is known as the “Dark Web.” This portion of the Internet is hidden from conventional search engines and people who access the Dark Web typically operate anonymously, making illegal activity harder to detect.

OPM, Target and Anthem have proven that every organization is a potential victim. It has become increasingly more vital for organizations to take measures to keep their sensitive information from being leaked onto the Dark Web as there are real financial and reputational consequences to data breaches.

Mike Dombo, Vice President of Sales at Winvale, will discuss the Dark Web, how information is sold and traded and how you can take action if your organization is breached.

About the Speaker
As Vice President of Sales, Mike Dombo leads the team’s overall sales and key customer account objectives and is based in Dark Web ID’s office in Odenton, Maryland.

Dark Web ID was developed by Winvale to address critical cybersecurity issues impacting both public and private sector organizations. Dark Web ID’s web-based platform provides external monitoring reports of an organization’s user accounts, including IP addresses and third party and supply chain accounts, to identify compromised credentials in real time. Through this platform, organizations can access actionable threat intelligence to help anticipate and protect against a cyberattack. To date, Dark Web ID has identified more than 400 million email and network passwords from more than 350,000 private Dark Web locations.

Previously, Dombo worked in several syndicated research sales roles as founder and head of sales for companies providing advisory services in areas such as: Public Safety & Homeland Security, Environmental & Sustainability issues, Human Resources and Finance. He graduated from Lafayette College with degrees in English and Russian and holds a Master’s Certificate in Project Management from The George Washington University.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, October 20, 2015 6:30 PM

Government Publishing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

November 17, 2015 at 6:30 PM

ISSA National Capital Chapter November meeting topic:

“The Craft” – Cyber Threat Intelligence from the Analyst's Perspective

Abstract
In the current cyber security environment, the organization does not stop at the perimeter, but extends to all facets and operations of the organization. This session will focus on how threats to any organization can manifest themselves in many ways, often with tell-tale signs in the digital landscape of OSINT and less open arenas such as specialized forums, IRC, paste sites and Dark Web. With the proper skills and tools, analytical craft and intelligence can act as not only a warning signal to concerned parties, but in many cases act as a disruptive capability that can severely limit damage to brand, assets, customers, personnel or IT systems. Come learn how some of your most crucial defenses start beyond the perimeter and are not simply a matter of the newest IDS, Firewalls, or IT defense-of-the-day.

Takeaways:
• Better understand the ways and means bad actors leverage to meet their goals
• Real-world examples of how proper intelligence can win early and often
• Understand what is at stake if threat intelligence is not part of your current efforts

About the Speaker
Jeff Daisley has a long history of managing and delivering cyber threat intelligence and analysis to the U.S. Secret Service, large government and NGO institutions, and Fortune 500 companies. His range of work encompasses anything from high-profile government leadership to disaster and crisis efforts, as well as threats to leading private sector companies and executives. Jeff had the special privilege of serving as the chief analyst on-site at the USSS, specializing in reports and analysis for the protection of the President of the United States and on subjects of interest or groups posing threats to USSS protectees. Currently, Jeff is the lead Cyber Threat Intelligence analyst at BrandProtect, a leader in detecting, analyzing and mitigating online incidents and cyber activity that threaten businesses, people and customers across private and public institutions.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, November 17, 2015 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

September 15, 2015 at 6:30 PM

ISSA National Capital Chapter September meeting topic:

Operationalizing Threat Intel 
by Brian Costello

Abstract
There are many sources of cyber threat intelligence, and their quality varies dramatically. At a minimum, high quality threat intel must be:
• Continually updated
• Free of outdated information
• Derived from authentic sources

But quality is only the beginning. As with any tool, the real value of threat intel relies on how you use it. Attend this enlightening and practical talk on operationalizing cyber threat intel, and learn how to make the most of your intel resources.

About the Speaker
Mario Santana joined Risk Analytics in June 2015, where his main responsibility is to sate his passion for disruptive technology. Before that, Mr. Santana had been with Terremark since January 2006; Terremark was acquired by Verizon in 2011 for $1.4B. He built the Security Analytics team, growing it into Verizon's premier next-generation managed security offering, and has consulted with clients on topics of security, technology, and risk management. Earlier, Mr. Santana founded an identity management technology company; he has worked in IT and security for over 25 years.

Through his career, Mr. Santana has worked with numerous Fortune 1000 organizations worldwide, including financial, healthcare and educational institutions, airport security and airlines, retail conglomerates, and technology and legal firms. He has led projects and engagements around such security and risk management concerns as leading-edge security operations, corporate governance, forensics and electronic discovery, incident response, intellectual property fraud, insider incidents, and the assessment of networks, systems and applications.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, September 15, 2015 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

August 18, 2015 at 6:30 PM

ISSA National Capital Chapter August meeting topic:

Export Controls
by Michael Dobson

Abstract
U.S. export controls dictate where and to whom U.S. companies can send products and information. They also dictate the types of data foreign nationals living and working in the U.S. are allowed to access. For cybersecurity professionals – particularly those working in international teams, regardless of where their teammates happen to be located – this can make for a complicated dynamic: not only do they have to consider who is allowed to access the information they are charged with safeguarding, but also whether they can share the tools they use to do their jobs with non-U.S. colleagues, counterparts, and third parties. In this talk, Michael Dobson will share an overview of the export control system and best practices for navigating it, with the goal of preparing you to spot export compliance issues before they become problems.

About the Speaker 
Michael Dobson is an international trade attorney in the Washington, D.C. office of Kelley Drye & Warren LLP. His practice focuses primarily on U.S. export controls, sanctions programs, and anti-corruption laws. Mr. Dobson counsels clients in a range of industries, with a particular emphasis on data management solutions. He has written extensively about export controls on information, most recently in a white paper titled “From Wassenaar to Mars: Open Source Hardware, U.S. Export Controls, and Avoiding Missteps in the Maker Movement,” along with a subsequent companion article on Slate Magazine’s Future Tense blog.

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

Tuesday, August 18, 2015 6:30 PM

Government Publishing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

July 14, 2015 at 6:30 PM

ISSA National Capital Chapter Special Event

Federal Cyber Sprint -- 
Strong Authentication Now!

Refreshments provided by Xceedium.

Abstract
If you are in any way involved with Federal IT Security, then you are impacted by the current 30-day Cyber Sprint. The ISSA National Capital Chapter has scheduled a special out-of-band meeting to help you solve one of the toughest problems for most Agencies – Single Sign-On.

Are you having trouble getting to Single Sign-On (SSO)? Join a panel of Subject Matter Experts from across the Federal Government as they discuss resources and strategies to help you implement Single Sign-On in your Agency.

This special meeting will cover:

  • Brief SSO Overview
  • Privileged User SSO strategies
  • PuTTY-CAC client
  • Username Hints
  • Application SSO onboarding strategies
  • SAML
  • Agents
  • PIV Direct
  • Kerberos Authentication
  • Open discussion – an opportunity to get advice about your personal SSO nightmare

We have moved our regular meeting time a week ahead to July 14th, to help you meet your deadlines to be SSO compliant. Please excuse the last-minute notice, but we want to get this information out to our membership as quickly as possible to help you comply with the very tight deadlines imposed by the Cyber Sprint.

About the Speakers
Because of the short notice, not all speakers have been confirmed yet, but we assure you that these will include high-level Federal PKI and ICAM Subject Matter Experts.

Paul Grassi
Paul Grassi is the Senior Standards and Technology Advisor at the National Institute of Standards and Technology (NIST). He joined NIST in June 2014, to advance and accelerate the development and adoption of identity authentication and authorization related standards and technologies needed to implement the identity ecosystem envisioned in the National Strategy for Trusted Identities in Cyberspace (NSTIC).

LaChelle Levan
LaChelle Levan is the Chief Architect for Federal Identity, Credential, and Access Management (FICAM) in the Office of Government-wide Policy at GSA.
She has over 15 years of experience in Information Technology, and has participated in over a dozen successful enterprise implementations--from Fortune 500 companies to governmental agencies.

Please join us for a timely and informative meeting! 

Please do not forget to RSVP if you plan to attend. An accurate head count helps us plan to make sure we have enough room and food for everyone. 

Non-members are welcome without charge! Light refreshments will be served.

 

Tuesday, July 14, 2015 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

Click here for details.

 

June 16, 2015 at 6:30 PM

ISSA National Capital Chapter June meeting topic:

Greg Witte: NIST Cybersecurity Framework

 

Abstract
Greg Witte has spent the last 18 months implementing the NIST Cybersecurity Framework in the field, much of that work for ISSA members. He will share areas where companies have had success with the model and lessons learned from applying it to those organizations. We'll also look at some of the items on NIST's roadmap, such as information sharing, privacy engineering, and supply chain considerations.

About the Speaker 
Greg is a Senior Security Engineer for G2 Inc of Annapolis Junction MD. He supports Federal and commercial clients, primarily the NIST Computer Security Division. As part of his NIST support role, Greg was one of several primary authors of the NIST Cybersecurity Framework (CSF).

 

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

 

Tuesday, June 16, 2015 6:30 PM

Government Publishing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

Click here for details

Mid-Atlantic Security Conference
Tuesday, September 1, 2015 at NIST in Gaithersburg, MD

 


May 19, 2015 at 6:30 PM

ISSA National Capital Chapter May meeting topic:

The New Normal: Cyber Attacks and Effective Defense in the Modern Era
by Travis Rosiek

Chief Solutions Strategist, CTO Office – Global Government, FireEye, Inc.

 

Abstract
In this presentation, Travis Rosiek, Chief Solutions Strategist in FireEye’s CTO office, will discuss the evolution of cyber attacks and threat actors, with insights on where exploits are happening today and why. Mr. Rosiek will discuss a current threat landscape that is more complex than ever, with security teams finding it increasingly difficult to prevent, detect, analyze and respond to advanced attacks. Drawing on FireEye’s experience with a range of government and industry organizations, this presentation will touch on where we’re making progress, and what can be done to address the new and increasingly sophisticated tactics being used by attackers.

About the Speaker 
Travis Rosiek is the Chief Solutions Strategist in the CTO office supporting Global Government. In this role, he provides technical and executive support to help ensure that FireEye implementations address the evolving security challenges that Federal Government organizations face. Travis also assists in educating customers on evolving cyber threats, understanding customer requirements, and influencing FireEye solutions. Prior to joining FireEye, Mr. Rosiek was a Principal Cyber Security Consultant at McAfee. Before McAfee, Travis spent nearly 10 years at the Department of Defense (DoD) in various roles including management, security architecture, CND analyst, and engineer supporting DoD Enterprise Information Assurance programs, CND operations centers, Incident Response, Red Team, C&A, Metrics, and many others. In addition, he supported several of the COCOMs, services, and agencies in integrating systems and operations to enable cyber defenders to be more effective in defending their networks.

Travis received his M.S. in Electrical Engineering, with a concentration in Information Assurance and Biometrics, from West Virginia University. In addition, he has completed the Executive Leadership Development Program (ELDP) at George Washington University.

 

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

 

Tuesday, May 19, 2015 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
Washington, DC, 20005

Click here for details.

April 21, 2015 at 6:30 PM

ISSA National Capital Chapter April meeting topic:

Human Exploitation: How Social Engineering Will Defeat Your Organization
by Matt James

 

Abstract
Words like exploitation have a negative connotation, and no one wants to be the one left holding the potato when the music stops. Since the earliest days of conflict, exploiting human nature has been at the core of strong offensive capabilities. So why are organizations (especially the government) so averse to taking the steps necessary to train and equip their employees with the tools needed to defeat this effective attack vector? Matt James, cyber warfare consultant for Knowledge Consulting Group, will show just how easy it is to exploit humans and to marry that exploitation with technical methodologies. He will share anecdotes about exploiting targets ranging from multi-billion-dollar corporations and the largest banks to secure installations and senior staff. Come learn what social engineers look for, and gain insight into what your organization can do to defeat their attempts.

About the Speaker 
Matt James is a cyber warfare consultant for Knowledge Consulting Group, Inc., based out of Reston, Virginia. He has more than 12 years' experience in information security, and has most recently served as lead for federal, financial, and commercial red-team penetration testing engagements. Prior to his work in the private sector, he served as an Information Management Officer in the Special Operations community, and as an Operations Officer for the State Department. Mr. James is a disabled combat veteran, having served during Operation Iraqi Freedom, where he was awarded the Bronze Star Medal and the Purple Heart for separate incidents during that period.

 

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

 

Tuesday, April 21, 2015 6:30 PM

Government Publishing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

Click here for details

April 20, 2010

Security Configuration Management with NIST SP800-128
by Kelley L. Dempsey

 

Abstract
NIST Special Publication (SP) 800-128 provides guidelines for managing the configuration of information system architectures and associated components for secure processing, storing, and transmitting of information. Security configuration management is an important function for establishing and maintaining secure information system configurations, and provides important support for managing organizational risks in information systems.

NIST SP 800-128 identifies the major phases of security configuration management and describes the process of applying security configuration management practices for information systems, including: (i) planning security configuration management activities for the organization; (ii) planning security configuration management activities for the information system; (iii) configuring the information system to a secure state; (iv) maintaining the configuration of the information system in a secure state; and (v) monitoring the configuration of the information system to ensure that the configuration is not inadvertently altered from its approved state.

The security configuration management concepts and principles described in NIST SP 800-128 provide supporting information for NIST SP 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations, which includes the Configuration Management family of security controls as well as other security controls that draw upon configuration management activities in their implementation. This publication also provides important supporting information for the Monitor Step (Step 6) of the Risk Management Framework that is discussed in NIST SP 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.
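The monitoring phase above (detecting that a configuration has drifted from its approved state) is the part of the process that is most often automated. The following is an added example, not code from NIST, SP 800-128, or the speaker: it records an approved baseline as per-item SHA-256 digests, reports items that were modified, removed, or added without approval, and then, for a key/value style file, reports exactly which approved setting changed. The file names, file contents, and approved settings are constructed for illustration and are not taken from any real system.

```python
"""Baseline drift detection in the style of the SP 800-128 'monitor' phase.

Added example (not NIST's or the speaker's code). All paths, contents and
settings below are constructed sample data.
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample: the approved state of a few configuration items.
APPROVED_ITEMS: Dict[str, bytes] = {
    "etc/ssh/sshd_config": b"PermitRootLogin no\nPasswordAuthentication no\nX11Forwarding no\n",
    "etc/audit/auditd.conf": b"max_log_file_action = keep_logs\n",
}

# Constructed sample: what a later scan of the same system found.
# sshd_config was altered, auditd.conf was removed, a cron job appeared.
CURRENT_ITEMS: Dict[str, bytes] = {
    "etc/ssh/sshd_config": b"PermitRootLogin yes\nPasswordAuthentication no\nX11Forwarding no\n",
    "etc/cron.d/unapproved": b"* * * * * root /tmp/run.sh\n",
}


@dataclass(frozen=True)
class Deviation:
    item: str
    kind: str      # "modified", "missing" or "unauthorized"
    detail: str


def digest(content: bytes) -> str:
    """SHA-256 hex digest of a configuration item's content."""
    return hashlib.sha256(content).hexdigest()


def build_baseline(items: Dict[str, bytes]) -> Dict[str, str]:
    """Record the approved state: one digest per configuration item."""
    return {name: digest(content) for name, content in items.items()}


def check_drift(baseline: Dict[str, str], current: Dict[str, bytes]) -> List[Deviation]:
    """Compare the current state against the approved baseline.

    Reports approved items whose content changed or that disappeared, and
    items present on the system that were never approved.
    """
    deviations: List[Deviation] = []
    for name, approved in sorted(baseline.items()):
        if name not in current:
            deviations.append(Deviation(name, "missing", "approved item not found"))
        elif digest(current[name]) != approved:
            deviations.append(Deviation(name, "modified", f"digest no longer {approved[:12]}..."))
    for name in sorted(set(current) - set(baseline)):
        deviations.append(Deviation(name, "unauthorized", "item not in approved baseline"))
    return deviations


def parse_settings(content: bytes) -> Dict[str, str]:
    """Parse 'Key value' or 'key = value' lines; blanks and '#' comments ignored.

    First occurrence of a key wins, which matches sshd_config semantics.
    """
    settings: Dict[str, str] = {}
    for raw in content.decode("utf-8", errors="replace").splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
        else:
            parts = line.split(None, 1)
            key, value = parts[0], (parts[1].strip() if len(parts) > 1 else "")
        settings.setdefault(key, value)
    return settings


def settings_drift(approved: bytes, current: bytes) -> Dict[str, Tuple[str, Optional[str]]]:
    """For each approved setting, report (approved_value, current_value) when
    the current file lacks it or carries a different value."""
    want = parse_settings(approved)
    have = parse_settings(current)
    return {key: (value, have.get(key)) for key, value in want.items() if have.get(key) != value}


if __name__ == "__main__":
    baseline = build_baseline(APPROVED_ITEMS)
    for dev in check_drift(baseline, CURRENT_ITEMS):
        print(f"{dev.kind:12} {dev.item}: {dev.detail}")
        if dev.kind == "modified":
            for key, (want, have) in settings_drift(APPROVED_ITEMS[dev.item], CURRENT_ITEMS[dev.item]).items():
                print(f"             {key}: approved={want!r} current={have!r}")
```

The digest comparison answers "did anything change"; the setting-level comparison answers "which approved setting changed", which is what an assessor needs to decide whether the change was authorized. In practice the baseline would be stored separately from the monitored system and signed, so that an attacker who alters a configuration cannot also alter the record it is checked against.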

About the Speaker
Kelley Dempsey began her career in IT in 1986 as an electronics technician repairing PCs and printers before moving on to system administration and network management in the mid-1990s. While employed by the Department of the Navy in 1999, she began focusing on information system security by training for and then conducting a large-scale DITSCAP certification and accreditation from start to finish. Kelley and her husband moved east in the spring of 2001, and Kelley joined the NIST operational Information Security team, managing the NIST information system certification and accreditation program through September 2008. Kelley joined the NIST Computer Security Division FISMA team in October 2008; she has co-authored the upcoming initial public draft of NIST SP 800-128 (Security Configuration Management) and has been a major contributor to NIST SPs 800-53 Rev 3 and 800-37 Rev 1. Kelley completed a B.S. degree in Management of Technical Operations from Embry-Riddle Aeronautical University, graduating cum laude in December 2003, and earned a CISSP certification in June 2004.

April 20, 2010 6:30 PM

George Washington University
801 22nd Street NW
Room B149 (One floor below lobby)
Washington, DC 20052
View details

Please RSVP if you plan to attend.   

 

August 18, 2009

August Meeting:

ISSA National Capital Chapter
Annual Social Event

Complimentary Food and Cocktails!!!

Door Prizes courtesy of Apptis and Netwitness!!!

Network with Tech-sector Recruiters!!!

Cost: 
Free for ISSA and ISACA Members!
(including those who join at the social) 
Non members: $10

Recruiters: Contact VP Programs for details

 

August 18, 2009 6:30 -9:00 PM

Gordon Biersch Restaurant
www.gordonbiersch.com
900 F St NW
Washington, DC 20004-1404

Click here for directions.

Please email your RSVP if you plan to attend. 

 

Event Sponsors

Netwitness
CCSi
APPTIS


November 17, 2009

Securing Cloud Computing
Are You Ready?

Guy Weaver, Purewire, Inc.

Abstract
Cloud computing has redefined how users interact with data; security solutions, however, are still catching up, and it is not yet clear which of them will take off or when. There's no shortage of predictions on how much or how quickly the security SaaS market will grow. It remains to be seen which security services make the most sense, and why. This interactive discussion dives into security SaaS and which services provide the most benefit.

Guy Weaver of Purewire will discuss the pros and cons of delivering security as SaaS, and which services make sense in that model: vulnerability assessment, application scanning, Web browsing, identity management, and anti-fraud. The session will explore research and trends in vendor offerings and enterprise requirements.

About the Speaker
Guy Weaver is the Senior Systems Engineer for the Central Region at Purewire, Inc. Weaver has over 20 years of experience in the IT industry with a broad range of skills. He holds many certifications, including CISSP, CCSP, CEH and ITIL. He has worked for one of the largest health care systems in the country, was a Networking Practice Manager for a global systems integrator, a Systems Engineer at Cisco Systems covering security and core infrastructure for a Fortune 10 account, and a Systems Engineer at Blue Coat Systems supporting WAN optimization and legacy Web gateway customers.

Tuesday, November 17, 2009 6:30 PM

740 15th Street NW
4th floor
Washington, DC 20005

Click here for details.

Please RSVP if you plan to attend.   

 

October 20, 2009 6:30 PM

October Meeting Topic:
Mobile Device Forensics & Security Concerns
by Amber Schroader

Abstract
Mobile devices have become an addiction for users, corporations, and infrastructure everywhere, but with any addiction there are consequences.
What do you do when mobile devices are part of your infrastructure? How do you secure them? What risks exist that can cost you your data? Learning the risks, as well as the response, is crucial for everyone in an organization when it comes to mobile devices. Learn how to respond and what to watch for.

About Amber Schroader
Amber Schroader has been involved in the field of computer forensics for the past twenty years. During this time, she has developed and taught numerous courses for the computer forensic arena, specializing in the field of wireless forensics as well as mobile technologies. Ms. Schroader is the CEO of Paraben Corporation and continues to act as the driving force behind some of the most innovative forensic technologies. As an innovator in the field, Ms. Schroader has been key in developing new technology to help investigators with the extraction of digital evidence from hard drives, email, and handheld and mobile devices. Ms. Schroader has extensive experience working with a wide array of forensic investigators at the federal, state, local, and corporate levels. With an aggressive development schedule, Ms. Schroader continues to bring new and exciting technology to the computer forensic community worldwide and is dedicated to supporting the investigator through the new technologies and training services provided by Paraben Corporation. Ms. Schroader coined the concept of the 360-degree approach to digital forensics, pushing for development into new areas in the digital evidence arena. Ms. Schroader has been a contributor to several books in the field of digital forensics, including Techno Security's Guide to Managing Risks for IT Managers, Auditors and Investigators, Techno Security's Guide to E-Discovery and Digital Forensics: A Comprehensive Handbook, and Alternate Data Storage Forensics. Ms. Schroader is involved in many different computer investigation organizations, including the Institute of Computer Forensic Professionals (ICFP), HTCIA, CFTT, and FLETC.


October 20, 2009 6:30 PM

740 15th Street NW
4th floor
Washington, DC 20005

Click here for details.

Please RSVP if you plan to attend.   

July 21, 2009

July Meeting Topic:

Open Discussion:
Nation State Hacking – Experience from the Front

Click here to download presentation in PDF.

Click here to download audio presentation in MP3.

Tom Hallewell
Discussion Leader

July 21, 2009 6:30 PM

740 15th Street NW
4th floor
Washington, DC 20005

Click here for details.

Please email your RSVP if you plan to attend.   

June 16, 2009

June Meeting Topic: Integrated Enterprise-wide Risk Management
Organization, Mission, and Information Systems View

Dr. Ron Ross
Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology

Abstract
Helping organizations develop an enterprise-wide risk management strategy that integrates information security requirements into mission/business processes and the information systems supporting those processes is a top priority for NIST as it updates and revises key information security publications in 2009. Proposed changes in federal legislation seek to "operationalize" FISMA moving away from strict compliance-based policies to a full implementation of a Risk Management Framework. NIST Special Publications 800-53, 800-37, 800-39, and 800-30 are being updated to incorporate new strategic and tactical guidance for implementing information security programs and managing risk in dynamic environments of operation with sophisticated adversaries and advanced cyber threats.

About Dr. Ross
Dr. Ron Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST). His current areas of specialization include security requirements definition, testing and evaluation, risk management, and information assurance. Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project for NIST, which includes the development of key security standards and guidelines for the federal government, support contractors, and the United States critical information infrastructure. His recent publications include Federal Information Processing Standards (FIPS) Publication 199 (security categorization standard), FIPS Publication 200 (security requirements standard), NIST Special Publication 800-53 (security controls guideline), NIST Special Publication 800-53A (security assessment guideline), NIST Special Publication 800-37 (security certification and accreditation guideline), and NIST Special Publication 800-39 (risk management guideline). Dr. Ross is also the principal architect of the NIST Risk Management Framework that provides a disciplined and structured methodology for integrating the suite of FISMA security standards and guidelines into a comprehensive enterprise-wide information security program.

June 16, 2009 6:30 PM

740 15th Street NW
4th floor
Washington, DC 20005

Click here for details.

Please email your RSVP if you plan to attend.   

January 19, 2010

Twenty Important Controls for Effective Cyber Defense and FISMA Compliance
John M. Gilligan

Abstract:
Because federal agencies do not have unlimited money, current and past federal CIOs and CISOs have agreed that the only rational way they can hope to meet their security requirements is to jointly establish a prioritized baseline of information security measures and controls that can be continuously monitored through automated mechanisms. To this end, a consensus document of 20 crucial controls was designed to begin the process of establishing that prioritized baseline of information security measures and controls that can be applied across Federal enterprise environments.

These 20 critical security controls were agreed upon by knowledgeable individuals from various groups of IT Security Professionals. The list includes 15 controls that can be validated at least in part in an automated manner and five that must be validated manually. Each of the 20 categories is important and offers high-priority techniques for thwarting real-world attacks.

Speaker Bio:

John M. Gilligan is president of the Gilligan Group, Inc., an IT consulting firm.  Prior to his current position he was a senior vice president and director, Defense Sector, at SRA International, Inc.  Mr. Gilligan has over 25 years of managerial experience in leading large information technology organizations.  He has expertise in business strategy, organizational innovation, program implementation, and IT Security.  Mr. Gilligan has served as a chief information officer for the United States Air Force and the U.S. Department of Energy.  He was program executive officer for battle management and command and control for the Air Force. He is a member of the Cyber Security Commission (formed to advise the 44th President) and the Army Science Board.  He also serves on the board of directors for Center for Internet Security, Hunter Defense Technologies, Inc., Schafer Corporation, and the Armed Forces Communications and Electronics Association.  Mr. Gilligan has been a recipient of the Joint Chiefs of Staff Distinguished Civilian Service Medal, Distinguished Executive Presidential Rank Award, Meritorious Executive Presidential Rank Award, and Computerworld’s Premier 100 IT Leaders to name a few.  He earned an M.S.E. in Computer Engineering from Case Western Reserve University and an M.B.A. in finance from Virginia Tech University.

January 19, 2010 6:30 PM

George Washington University
801 22nd Street NW
Room B149 (One floor below lobby)
Washington, DC 20052
View details

Please RSVP if you plan to attend.   

December 15, 2009

The Case for Network Forensics
and
The National Capital Chapter Annual Officers Election

Join Peter Schlampp, VP of Product Management and Marketing, at Solera Networks to learn how network forensics can help you determine the true scope of any network event within your organization.

Peter will talk about how network forensics can help you:
  • Significantly reduce incident response time
  • Eliminate the exposure to further risk
  • Capture, index, record, search and replay all your network traffic at full line rates (up to 10Gbps)
  • Enable complete surveillance of all network activities by having a complete historical record of network traffic

 

Pete Schlampp, Vice President, Marketing and Product Management
Pete brings a keen understanding of the network security and infrastructure industries with more than a decade of product development and marketing expertise in the enterprise, government and education markets.

Prior to joining Solera Networks, he led product management for the most successful network security startup in the past decade at IronPort Systems. IronPort established the appliance-based enterprise anti-spam and anti-virus market and was purchased by Cisco in June 2007. At Cisco, he was promoted to General Manager of the Security Technology Business Unit (STBU) in India and was also responsible for global development centers in Ukraine, China and Costa Rica. Pete holds a degree in computer science and molecular biology from Boston College.


We will also attend to Chapter business at this meeting:

  • National Capital Chapter Annual Officers election
  • Approval vote for revised Chapter Bylaws

December 15, 2009 6:30 PM

740 15th Street NW
4th floor
Washington, DC 20005

Click here for details.

Please RSVP if you plan to attend.

April 21, 2009

April Meeting Topic: Smartphone Hacks and Attacks
A Demonstration of Current Threats to Mobile Devices
Presenter: Daniel Hoffman, SMobile Systems

Sponsored by
SMobile Systems

Abstract
Many operate under the assumption that threats to BlackBerry, Symbian, Windows Mobile, Android and iPhone devices don't exist. With 2 of the top 3 BlackBerry infectors and 3 of the top 4 Windows Mobile infectors being spyware, that's exactly what the hackers want you to think. The goal of malware, and of attacks in general, has changed from simply being disruptive to being financially motivated, non-disruptive and stealthy. Through actual, current exploits, see how users and enterprises who wait to experience an infection or data loss before implementing security software for their smartphones place themselves in the unsavory position of being exploited unknowingly, with no security software in place to address that exploitation.

About Daniel Hoffman
Mr. Hoffman is the Chief Technology Officer of SMobile Systems and a world-renowned mobile security expert. He has built his expertise as a Telecommunications Specialist with the U.S. Coast Guard, as an IT Director, and as a Senior Engineer architecting security solutions for some of the largest companies in the world. He has been the keynote speaker at numerous security events, including Hacker Halted, InfoSec World and ChicagoCon, and is routinely interviewed by media outlets such as Fox News, The New York Times and The Wall Street Journal. He is known for his live hacking demonstrations and videos, which have been featured in the Department of Homeland Security's open source infrastructure report. Mr. Hoffman is the author of "Blackjacking: Security Threats to BlackBerry Devices, PDAs and Cell Phones in the Enterprise" and "Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control".

April 21, 2009 6:30 PM
Radio Free Asia Conference Room
2025 M St. NW – Street Level
Washington DC
Click here for details.
Please email your RSVP if you plan to attend.