Membership Meeting: October 16, 2019

posted in: Blog, Meetings, Uncategorized | 0

Chapter Business Meeting Slides: 2019-10-16-Meeting-Presentation.pdf

Speaker Presentation:

ISSA Central MD is hosting an event at the National Electronic Museum to celebrate National Cybersecurity Month.

Topic: Taking a holistic approach to an insider threat program

This presentation will provide insider threat mitigation strategies for every phase of the employment life cycle, including pre-employment screening; ongoing insider threat and security training; leveraging tools like Jazz Networks for user activity monitoring, and finally what to watch out for when an employee is leaving the organization.  We will share anecdotes from public and private sector service experience, highlighting vulnerable areas of the employee life cycle where an insider can become an active threat.  We will also provide a brief demonstration of the Jazz Networks insider threat and detection platform.

Speaker: Charles Finfrock, Senior Threat Investigator, Tesla

Charles Finfrock is a Senior Threat Investigator in Tesla’s Security Intelligence Department, the team responsible for protecting Tesla’s Intellectual Property and confidential business information from internal and external threats. Prior to joining Tesla, Charles spent 18 years as an operations officer in the Central Intelligence Agency. Charles is also the head of Insider Threat at the Washington DC based, Cyber Intelligent Partners, a training and education company focused on helping companies develop programs to counter cyber threats, regional threats, and insider threats.

Topic: Security Operations Maturity Model (SOMM)

SOMM explores how to assess and evolve the principle programs of the security operations center (SOC): threat monitoring, threat hunting, threat investigation, and incident response. LogRhythm developed the Threat Lifecycle Management (TLM) framework to help organizations ideally align technology, people, and process in support of these programs. The TLM framework defines the critical security operations technological capabilities and workflow processes that are vital to realize an efficient and effective SOC. LogRhythm’s SOMM helps organizations measure the effectiveness of their security operations, and to mature their security operations capabilities. Using our TLM framework, the SOMM provides a practical guide for organizations that wish to optimally reduce their mean time to detect (MTTD) and mean time to respond (MTTR) — thereby dramatically improving their resilience to cyberthreats.

Speaker: Darren Cathey, Sr. Systems Engineer, LogRhythm

Darren Cathey has several decades of experience in programming, operating systems, and applications security. His multi-functional experience in engineering, marketing and sales lends itself well to supporting both SMB and Enterprise customers in the Mid-Atlantic territory as a Sr. Systems Engineer. Past experience includes positions with HP, Wind River Systems, Arxan, Vormetric and Varonis.