Membership Meeting: October 16, 2019

Meeting Registration – Click Here

Special Event

ISSA Central MD is hosting an event at the National Electronic Museum to celebrate National Cybersecurity Month.

Topic: Taking a holistic approach to an insider threat program

This presentation will provide insider threat mitigation strategies for every phase of the employment life cycle, including pre-employment screening; ongoing insider threat and security training; leveraging tools like Jazz Networks for user activity monitoring, and finally what to watch out for when an employee is leaving the organization.  We will share anecdotes from public and private sector service experience, highlighting vulnerable areas of the employee life cycle where an insider can become an active threat.  We will also provide a brief demonstration of the Jazz Networks insider threat and detection platform.

Speaker: Charles Finfrock, Senior Threat Investigator, Tesla

Charles Finfrock is a Senior Threat Investigator in Tesla’s Security Intelligence Department, the team responsible for protecting Tesla’s Intellectual Property and confidential business information from internal and external threats. Prior to joining Tesla, Charles spent 18 years as an operations officer in the Central Intelligence Agency. Charles is also the head of Insider Threat at the Washington DC based, Cyber Intelligent Partners, a training and education company focused on helping companies develop programs to counter cyber threats, regional threats, and insider threats.

Topic: Security Operations Maturity Model (SOMM)

SOMM explores how to assess and evolve the principle programs of the security operations center (SOC): threat monitoring, threat hunting, threat investigation, and incident response. LogRhythm developed the Threat Lifecycle Management (TLM) framework to help organizations ideally align technology, people, and process in support of these programs. The TLM framework defines the critical security operations technological capabilities and workflow processes that are vital to realize an efficient and effective SOC. LogRhythm’s SOMM helps organizations measure the effectiveness of their security operations, and to mature their security operations capabilities. Using our TLM framework, the SOMM provides a practical guide for organizations that wish to optimally reduce their mean time to detect (MTTD) and mean time to respond (MTTR) — thereby dramatically improving their resilience to cyberthreats.

Speaker: Darren Cathey, Sr. Systems Engineer, LogRhythm

Darren Cathey has several decades of experience in programming, operating systems, and applications security. His multi-functional experience in engineering, marketing and sales lends itself well to supporting both SMB and Enterprise customers in the Mid-Atlantic territory as a Sr. Systems Engineer. Past experience includes positions with HP, Wind River Systems, Arxan, Vormetric and Varonis.

5:15 – 5:45 (Chapter Business / Food / Networking)

6:00 – 7:30 (Presentation / Q&A)

7:30 – 9:00 (Exploring the museum on your own or with a guide)

Note: The October Meeting will be at the National Electronic Museum to celebrate National Cybersecurity Month.

Meeting Registration – Click Here

Please Note:

  • Deadline to register is October 14th at 12:00 PM (noon).
  • Chapter & ISSA member’s ticket: FREE
  • Guest tickets: $15 if registered by 5 PM on October 14th. Otherwise, $20 at the door (cash or credit card). Refunds available until October 14th at 5pm.


5:15 – 5:45 Chapter Business Meeting

6:00 – 7:30 Speaker and Q&A




Study Group Registration – Click Here

CISSP Study Group

Spring 2020

ISSA Central Maryland is pleased to announce the opening of registration for our Spring 2020 session of the CISSP Study Group.  As you may know, we conduct these study groups twice a year (Spring and Fall) in order to provide access to high-quality, low-priced resources to further the Information Security profession, and help our community members meet the compliance requirements outlined in DoD 8570.01.  At just $450.00, our study group sessions are highly affordable even for those who are not reimbursed for educational expenses.

Dates:           Tuesday nights February 18, 2020 thru May 19, 2020 (14 weeks)

Time:            5:00 – 8:00 P.M.

Where:        UMBC Training Center, 6996 Columbia Gateway Drive,Columbia, MD

Cost:            $450.00
Discounts available for employees of chapter sponsors.

Text:              CISSP All-in-One Exam Guide, 8th Edition by Shon Harris and Fernando Maymi.. Available on via this link.

The registration fee includes attendance at the study group, copies of the presentations, other materials, and dinner!  NOT INCLUDED are the cost of the textbook and the CISSP exam.

Reasons you should join our study group:

  1. Great instructors. Many of our instructors were pioneers in the information security field and personally worked with some of the people we read about in our textbook
  2. Low cost. Much more economical than most Boot Camps or even other comparable study groups.
  3. Group dynamics of a live, instructor-led study group
  4. Time for things to sink in. This is not a one-week boot camp.  We want you to learn, not cram.
  5. It’s a night you don’t have to cook! We typically bring in pizza, Subway, Uno’s, Jimmy John’s, and such, so you don’t have to eat before or after you get here.
  6. Hang out with other smart people. Meet and make friends with other people who are serious about advancing their careers.  Enjoy intelligent conversation on topics of interest to you.
  7. Meet new people working in your industry. Network for recruiting or collaborative purposes.
  8. Earn CPEs. Already have another certification?  This will likely count toward CPEs for existing certs.
  9. Structure. A physical class imposes a little external discipline to your study schedule.  A little peer pressure to keep up with the group can be a good thing.  Some people want to go at a slower pace, but most of us need a little push.
  10. Chapter Membership: Join ISSA within three months of class completion and the Chapter will refund the local chapter dues.

Additional information, contact:
Vice President of Education
Kevin Newman, CISSP, GCIH

Study Group Registration – Click Here

Previous Meetings

Membership Meeting: September 25, 2019

Chapter Business Meeting Slides: 2019-09-25-Meeting-Presentation.pdf Speaker Presentation: Topic: .govCAR: Threat Based Cyber Capability Review The Cybersecurity and Infrastructure Security Agency (CISA) developed the .govCAR methodology to take a threat-based approach to cybersecurity risk... READ MORE

Membership Meeting: August 28, 2019

Chapter Business Meeting Slides: 2019-08-28-Meeting-Presentation.pdf Speaker Presentation: Failing-at-Cybersecurity.pdf Topic: Fail Secure: 20 Ways to Undermine Your Security Program There’s policy, and then there’s reality. All too often, security teams find their efforts overridden or... READ MORE