BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Central Maryland Chapter of ISSA - ECPv6.15.20//NONSGML v1.0//EN CALSCALE:GREGORIAN METHOD:PUBLISH X-WR-CALNAME:Central Maryland Chapter of ISSA X-ORIGINAL-URL:https://issa-centralmd.org X-WR-CALDESC:Events for Central Maryland Chapter of ISSA REFRESH-INTERVAL;VALUE=DURATION:PT1H X-Robots-Tag:noindex X-PUBLISHED-TTL:PT1H BEGIN:VTIMEZONE TZID:America/New_York BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20170312T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20171105T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20180311T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20181104T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20190310T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20191103T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20200308T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20201101T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20210314T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20211107T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20220313T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20221106T060000 END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTART;TZID=America/New_York:20210318T180000 DTEND;TZID=America/New_York:20210318T193000 DTSTAMP:20260424T022019 CREATED:20210209T010035Z LAST-MODIFIED:20210303T002506Z UID:3716-1616090400-1616095800@issa-centralmd.org SUMMARY:First Mid-Atlantic Quarterly Meeting March 18\, 2021 DESCRIPTION:Join our sister chapters of Central Maryland\, Northern Virginia\, DC and Blue Ridge for a special presentation by two national security experts. \nPre-registration required. Click here. \nWe will hear Mark Weatherford\, Chief Strategy Officer at the National Cybersecurity Center and California’s first CISO\,  and Riley Repko\, Founder of CAFE Search Engine who just left a 3-year-plus stint as Special Advisor to the Secretary of the Air Force on Technology Innovation. They will speak on cybersecurity priorities and goals for the incoming administration.  Mark recently wrote a Forbes article advocating for a National Cyber Security Advisor to the President\, restoring the State Department Cyber Ambassador position made famous by Chris Painter\, as well as establishing secure election voting systems across the US. Meanwhile\, Riley is intimately familiar with the Department of Defense’s efforts to establish a truly resilient and cross-branch communications system to support battlefield operations as well as the struggle to establish meaningful public-private cyber partnerships.  This should be an interesting dialog by two experts with insight into where the Biden Administration needs to place emphasis in the first 100 days. \nAbout the Speakers \nMark Weatherford is the Chief Strategy Officer at the National Cybersecurity Center and a Partner at Aspen Chartered where he provides cybersecurity consulting and advisory services to public and private sector organizations around the world. He is also a member of the DHS Homeland Security Advisory Council (HSAC). In 2008 he was appointed by Governor Arnold Schwarzenegger to serve as California’s first Chief Information Security Officer and in 2011 he was appointed in the Obama Administration as the Department of Homeland Security’s first Deputy Under Secretary for Cybersecurity. Mark is a former U.S. Navy Cryptology Officer\, where he led the United States Navy’s Computer Network Defense operations and the Naval Computer Incident Response Team (NAVCIRT). \nRiley Repko left his position as Strategic Adviser to the Air Force Secretary and Chief of Staff on innovation and modernization issues leaders in January. He founded CAFE Search Engine\, which combines a Google-like search functionality with Yelp-like user reviews to help military users find useful AI-solutions. Before returning to the Pentagon\, Riley worked as a Director for Government Affairs at Oracle in DC and Tokyo. He served in the Air Force as an officer\, taking assignments in space operations\, modeling and simulation wargame/exercise support. He held senior Reserve positions as a mobilization assistant both at Air Force Space Command\, on the U.S. Strategic Command staff and at Headquarters Air Force. In March 2004\, he deployed to Balad\, Iraq as the 332nd Air Expeditionary Wing Vice Commander and Director of Staff. URL:https://issa-centralmd.org/calendar/first-mid-atlantic-quarterly-meeting-march-18-2021/ LOCATION:Virtual CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20210224T170000 DTEND;TZID=America/New_York:20210224T193000 DTSTAMP:20260424T022019 CREATED:20201215T232329Z LAST-MODIFIED:20210316T221204Z UID:3507-1614186000-1614195000@issa-centralmd.org SUMMARY:Membership Meeting 2/24/2021 DESCRIPTION:Chapter Business Meeting Slides: 2021-02-24 Meeting Presentation \n\nTopic: Lockpicking 101 \nMeeting Recording: Lockpicking 101 \nThe session will begin with a 15 presentation on primer on the pin picking (SPP) of pin and tumbler locks following by a 30-minute demonstration/interactive session. Participants are welcomed to purchase equipment to work along with the instructor. The simplest options to get are Number 3 Masterlocks: \nhttps://usa.banggood.com/DANIU-12Pcs-High-Quality-Lock-Picks-Tools-Set-Lock-Opener-Locksmith-Tools-p-1139437.html\nhttps://lockpicktools.com/tension-tool-2500-series-set/ \n\n\nSpeaker: Michael\,  Unallocated Space \n\n\n\n\n\nFlay is a past President of Unallocated Spaces. Unallocated Space is a technology-based community center\, based out of a 1600+ SF space located in Severn\, MD.  He has been lockpicking for years and was the 2 time winner of the GrrCon ‘Cage of shame’ lockpicking challenge. He thinks its great fun and is excited to be able to encourage others in the hobby. \nClick Here to register for the February 24th Membership Meeting. URL:https://issa-centralmd.org/calendar/membership-meeting-2-24-2021/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20210127T170000 DTEND;TZID=America/New_York:20210127T193000 DTSTAMP:20260424T022019 CREATED:20201215T232054Z LAST-MODIFIED:20210128T202619Z UID:3505-1611766800-1611775800@issa-centralmd.org SUMMARY:Membership Meeting 1/27/2021 DESCRIPTION:Chapter Business Meeting Slides: 2021-01-27 Membership Meeting \n\n\n\nSpeaker Slides: 2021-01-27 Red Canary Threat Detection ReportTBD \n\n\nMITRE ATT&CK home page: https://attack.mitre.org/\nGithub repo of Atomic Red Team: https://github.com/redcanaryco/atomic-red-team\nGithub Repo for Atomic Red Team execution fraemwork\, Invoke-Atomic: https://github.com/redcanaryco/invoke-atomicredteam\nGithub repo for variation testing tool\, AtomicTestHarnesses: https://github.com/redcanaryco/AtomicTestHarnesses\nInstallation wiki for Invoke-Atomic: https://github.com/redcanaryco/invoke-atomicredteam/wiki\nInvoke-Atomic video tutorials: https://www.youtube.com/watch?v=-HEx-qfd54M&list=PL92eUXSF717W9TCfZzLca6DmlFXFIu8p6\nAbout Atomic Red Team: https://github.com/redcanaryco/atomic-red-team/wiki/About-Atomic-Red-Team\nAtomic Red Team microsite: https://atomicredteam.io/\nAtomic Red Team Slack: https://slack.atomicredteam.io/\nAtomic Test Harnesses Blog series:\nPt. 1: https://redcanary.com/blog/introducing-atomictestharnesses/\nPt. 2: ‌https://redcanary.com/blog/threat-research-questions/\n2020 Threat Detection Report: https://redcanary.com/threat-detection-report/introduction/\nPreviewing the 2021 Threat Detection Report: https://redcanary.com/blog/2021-threat-detection-report-preview/\nSomeone asked about the difference between Caldera and Atomic Red Team: https://redcanary.com/blog/comparing-red-team-platforms/\nHere’s some information on mapping to ATT&CK (both on the context of Atomic Red Team and in the context of behavioral analytics): https://redcanary.com/blog/mitre-sub-techniques/ \nTopic: Simulating Adversary Tradecraft with Atomic Red Team and the Red Canary Threat Detection Report \nWe plan to discuss two important resources that leading teams are using to improve their security: \n\n2020 Threat Detection Report: Red Canary’s annual in-depth analysis of of the top techniques for tens of thousands of threats seen in the wild. For each technique\, we include detection\, prevention\, and testing strategies.\n\n\n\n\nAtomic Red Team: An open-source tool mapped to ATT&CK techniques valuable for benignly simulating specific adversary behaviors\n\n\n\nSpeaker: Brian Donohue\, Red Canary \nBrian has been writing about and researching information security for the last decade. He started his career as a journalist covering security and privacy. He later consulted as a threat intelligence analyst\, researching adversaries and techniques for a variety of major banks\, retailers\, and manufacturers. At Red Canary\, Brian helps guide research publication and technical messaging efforts. URL:https://issa-centralmd.org/calendar/membership-meeting-1-27-2021/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20210113T080000 DTEND;TZID=America/New_York:20210113T093000 DTSTAMP:20260424T022019 CREATED:20201216T141121Z LAST-MODIFIED:20210316T222818Z UID:3580-1610524800-1610530200@issa-centralmd.org SUMMARY:Morning Membership Meeting 01/13/2021 DESCRIPTION:Chapter Business Meeting Slides: 2021-01-13 Breakfast Meeting Presentation \n\n\n\nSpeaker Slides: 2021-01-13 Sepio HAC Solution for ISSA \nSepio Whitre Paper: 2021-01-13 Sepio CMMC White Paper \n\n\nTopic: Reducing The Risk of Unapproved and Rogue Devices \nMeeting Recording: Reducing The Risk of Unapproved and Rogue Devices \nSepio delivers a Hardware Access Control (HAC) platform that reduces the risk of unapproved and rogue devices by providing complete visibility\, control\, and mitigation of all hardware assets. Sepio’s hardware fingerprinting\, augmented by machine learning\, discovers all managed\, unmanaged\, and hidden devices that are invisible to all other security tools. Sepio’s solution supports CMMC hardware controls\, NNDA section 889 and also enhances zero trust\, insider threat\, BYOD\, IT\, OT\, and IoT security programs. \nSpeaker: Jay Smilyk\, Chief Revenue Officer\, Sepio \n\n\nJay Smilyk is the Chief Revenue Officer for Sepio.  He oversees the firm’s strategic operations including its growth\, recruitment and channel development efforts.   Previously\, Smilyk served as vice president of North American sales at Safend/Supercom and held similar sales leadership positions at Cynet\, RSA and Check Point Software Technologies. URL:https://issa-centralmd.org/calendar/morning-membership-meeting-01-13-2021/ LOCATION:Virtual via Zoom\, MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20201216T170000 DTEND;TZID=America/New_York:20201216T193000 DTSTAMP:20260424T022019 CREATED:20191214T143442Z LAST-MODIFIED:20210316T223344Z UID:2986-1608138000-1608147000@issa-centralmd.org SUMMARY:Membership Meeting 12/16/2020 DESCRIPTION:December meeting is sponsored:  \n \nhttps://redcanary.com/\nClick Here for more information about on meeeting sponsor. \n\nChapter Business Meeting Slides: 2020-12-16 Membership Meeting \n\n\n\nSpeaker Slides: Least Privilege with PowerShell JEA \n\n\nSpeaker Recording: Least Privilege with PowerShell JEA \nTopic: PowerShell JEA \nPowerShell JEA allows us Systems Administrators to empower our fellow admins\, developers\, and security personal to accomplish what they need to on our systems. Give them just enough administrative permissions to accomplish their duties without interrupting your day or night. This talk shows how to assign roles and give the appropriate permissions to those roles. \nSpeaker: James Honeycutt \n\n\nJames is a dedicated cybersecurity professional who enjoys scripting and participating in capture the flags. He has served over 20 years in the military in various technical and leadership positions. He is part of a Cyber Protection Team and serve as the Microsoft Windows Expert.  In past assignments\, he served as the OIC (Officer in Charge) of both the battalion IT shop and brigade logistics IT shop\, he was the “technology adviser to the Commander”. He has  also served as a systems administrator\, helpdesk manager\, and classroom support tech.  Some of his additional duties included being an Information Assurance Manager Alternate and Network Admin backup. \n​James is working as a SANs Mentor and TrilogyEd TA.  For SANs\, he is mentoring SEC505 (Securing Windows and PowerShell Automation) and SEC511 (Continuous Monitoring and Security Operations) and for TrilogyEd\, He is TA’ing a Cyber Security Bootcamp \nDuring his career\, James has been known as the “go-to guy” for IT questions and problems by his directors\, commanders\, and peers. He has received numerous awards for his work and knowledge\, to include several Meritorious Service Medals and Company Grade Officer of the Year for the state of Arkansas.  He has a Bachelors of Science in Management in Information Systems.  James holds the following certifications: CISSP\, VCP5-DCV\, GWAPT\, GPYC\, GMON\, GCWN\, GPEN\, GCIA\, GCIH\, GCFA\, GSEC\, GSNA\, SEC +\, C|EH URL:https://issa-centralmd.org/calendar/membership-meeting-12-16-2020/ LOCATION:Virtual via Zoom\, MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20201118T170000 DTEND;TZID=America/New_York:20201118T193000 DTSTAMP:20260424T022019 CREATED:20191214T143303Z LAST-MODIFIED:20201202T174304Z UID:2984-1605718800-1605727800@issa-centralmd.org SUMMARY:Membership Meeting 11/18/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-11-18 – Meeting Presentastion.pdf\n\n\n\nSpeaker Slides: Roles of Artificial Intelligence and Deep Learning in Detecting Data Exfiltration \nTopic: Roles of Artificial Intelligence and Deep Learning in Detecting Data Exfiltration \nEssential Internet services are vital for many aspects of modern living\, yet those services remain valuable to threat actors who use them for network intrusions and data exfiltration. Dr. Pena completed a quantitative research study analyzing the ability of a Convolutional Neural Network (CNN) to detect Domain Name System (DNS) covert communications generated by the DNSExfiltrator open source tool. The results showed the CNN model had100% accuracy when exfiltrated file sizes exceeded 2 Kilobytes (KB) using the default (maximum) transmission packet size\, but its performance fell dramatically for files below 1 KB in size. \nAs AI/ML solutions become more prevalent in cybersecurity tools\, professionals must understand where a model’s strengths and weaknesses lay in order to apply appropriate risk mitigations\, such as tuning complimentary detection systems. \nSpeaker: Dr. Tomas Pena\, L3 Harris Technologies \n\n\nDr. Tomas Pena is the Chief Technologist for Cyber Operations at L3Harris Technologies’ Space and Airborne Systems Segment. In that role\, he’s responsible for cyber innovation and improving the resiliency of company products spanning land\, sea\, air\, space\, and cyber domains. He’s been in cyber-related systems engineering and defense contracting positions since 2013. Prior to that time\, he completed 20 years of service in the United States Air Force as a Cyberspace Operations Officer where he organized\, planned\, executed full-spectrum cyberspace operations\, stood up the United States Cyber Command’s 24/7 Joint Operations Center\, and led Air Force Business Transformation Initiatives at the Pentagon. Dr. Pena has also filled roles such as managing the Global Positioning System satellite control systems\, managing theater communications during Operations IRAQI FREEDOM and ENDURING FREEDOM. He is also the Founder and President of Parallax Cyber LLC\, a small business focused on training and educating the workforce in Cybersecurity and Cyber Conflict\, and the current Editor-in-Chief of the Military Cyber Professional Associations’ Military Cyber Affairs Journal. \n\n\nClick Here to register for the November 18\, 2020 General Membership Meeting URL:https://issa-centralmd.org/calendar/membership-meeting-11-18-2020/ LOCATION:Virtual via Zoom\, MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20201028T170000 DTEND;TZID=America/New_York:20201028T193000 DTSTAMP:20260424T022019 CREATED:20191214T143204Z LAST-MODIFIED:20201111T151355Z UID:2982-1603904400-1603913400@issa-centralmd.org SUMMARY:Membership Meeting 10/28/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-10-28- Meeting Presentastion.pdf \nSpeaker Slides: 30 Years 20-10-28.pdf \nTopic: Lessons Learned from 30 Years of Security Awareness Efforts \nOrganisations acknowledge that employees are often the weakest link\, yet efforts to improve ‘user awareness’ tend to rely upon available tools and not true experience. Drawing on three decades of awareness efforts and experience improving true security behaviours\, Ira Winkler will dispel many commonly held beliefs about security awareness\, detailing what consistently works and what does not. \nLearning Objectives:\n1: Learn and apply what works consistently across hundreds of organisational awareness efforts.\n2: Learn from research in other disciplines that improves awareness efforts.\n3: Learn how to create a security culture that drives individual security behaviours. \nSpeaker: Ira Winkler\, President\, Secure Mentem \n\n\nIra Winkler\, CISSP\, is the President of Secure Mentem and Author of Advanced Persistent Security\, and the forthcoming books\, You Can Stop Stupid and Security Awareness for Dummies. He is considered one of the world’s most influential security professionals and was named “The Awareness Crusader” by CSO magazine in receiving their CSO COMPASS Award. He also received the ISSA Hall of Fame award. He has designed and implemented and supported security awareness programs at organizations of all sizes\, in all industries\, around the world. Ira began his career at the National Security Agency\, where he served in various roles as an Intelligence and Computer Systems Analyst. He has since served in other positions supporting the cybersecurity programs in organizations of all sizes. Ira’s new book can be preordered here: https://tiny.cc/stupidbook URL:https://issa-centralmd.org/calendar/membership-meeting-10-28-2020/ LOCATION:Virtual via Zoom\, MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200923T170000 DTEND;TZID=America/New_York:20200923T193000 DTSTAMP:20260424T022019 CREATED:20191214T143109Z LAST-MODIFIED:20200923T224911Z UID:2980-1600880400-1600889400@issa-centralmd.org SUMMARY:Membership Meeting 9/23/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-09-23-Meeting-Presentation.pdf \nSpeaker Slides: UAS-Forensics-Framework-2020-09-23.pdf \nTopic: A Study on Drone Forensics Framework \nAs consumer unmanned aircraft systems (UAS) or drones are used more commonly in public areas\, an approach for a drone forensics framework is needed to guide forensics investigators in analyzing recovered drones that entered the unauthorized national airspace system (NAS). The presentation is based on a doctoral research study focused on whether a single framework and multiple frameworks for drone forensics. The data collected through an online survey provided detailed descriptions of the participants’ most commonly used forensics frameworks or guidelines. The data collected from participants in the United States measured the occurrences of the type of guidelines forensics examiners used. The results of the study identified a need for a standard drone forensic framework across digital forensic disciplines and aircraft accident investigation for use by investigators to produce admissible evidence for litigation in the U.S. courts. The research led to a proposed basic drone forensics framework\, which can be improved upon in future research. \nSpeaker: Nagi Mei\, D.Sc. \n\nDr. Nagi Mei has over 14 years in management and technology consulting service offerings to the commercial and health industries\, and federal\, state\, and local governments. She has extensive experience in strategic initiatives and operational responsibilities grounded in information security management. Dr. Mei is a project manager where she leads teams in implementing information security projects. Dr. Mei received a Doctor of Science in Cybersecurity from the Capitol Technology University. She holds a Master in Business Administration\, a Master of Science in Information and Telecommunications Systems from the Johns Hopkins Carey Business School\, and a Bachelor of Science in Information Systems concentrating in Digital Forensics from the Johns Hopkins University. She holds certifications in Sec+\, PMP\, PMI-ACP\, SSM\, CSM\, and ITILv3. URL:https://issa-centralmd.org/calendar/membership-meeting-9-23-2020/ LOCATION:Virtual via Zoom\, MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200826T170000 DTEND;TZID=America/New_York:20200826T193000 DTSTAMP:20260424T022019 CREATED:20191214T142719Z LAST-MODIFIED:20210316T223758Z UID:2978-1598461200-1598470200@issa-centralmd.org SUMMARY:Membership Meeting 8/26/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-08-26 Membership Meeting \nSpeaker Slides: Dell Security Operations 2.0 Transformation \nSpeaker Recording: Dell Security Operations 2.0 Transformation \nTopic: Security Operations 2.0 \nWith Dell Technologies being looked at as a key innovator is response to the rapidly changing workforce\, Bob will layout  a vision of what the next-gen security operations will begin to look like. Based on his past experience as a cybersecurity director and his current outlook within Dell Technologies\, Bob will explore how technology will drive how we assess risk\, manage and mitigate risk\, and provide situational awareness. Enablers for remote workforce\, multi-cloud operations\, and enhanced intelligence all play a role in every agency’s modernization strategy.  But should how you secure these new environments change how you think about securing the rest? \nSpeaker: Bob Nicholson\, Business Development Executive\, Dell Technologies Federal \nBob Nicholson is currently a Business Development Executive for the Dell Technologies’ Federal team with a concentration on Federal Civilian agencies. Bob has been serving in this position for 5 years but brings more than 25+ years of solutioning experience in support of the public sector. \nFor 15 years he served as a cybersecurity leader and solution architect within the federal government which included designing and implementing many enterprise solutions and establishing many best practices. Many of these as a result of Federal mandates\, Bob has a great deal of experience working within government\, in coordination with its many bodies of governance\, and throughout industry. He has transferred this knowledge and relationships into not only being a strong advocate for innovation within government\, but also a facilitator for ensuring its success. URL:https://issa-centralmd.org/calendar/membership-meeting-8-26-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200722T170000 DTEND;TZID=America/New_York:20200722T193000 DTSTAMP:20260424T022019 CREATED:20191214T142609Z LAST-MODIFIED:20210316T224103Z UID:2976-1595437200-1595446200@issa-centralmd.org SUMMARY:Membership Meeting 7/22/2020 DESCRIPTION:Chapter Business Meeting Slides: Membership Meeting 7/22/2020 \nSpeaker Slides: MSSP Market Overview \nSpeaker Recording: MSSP Market Overview \nTopic: Managed Security Services \nAn overview of the Managed Security Services market including: \n\nDefinition of MSS\nCategorization of MSS market segments and the pros and cons of each\nExplanation of why certain offerings dominate the MSS market and why other offerings are less common\nOverview of vendors and their products aligned with the common MSS offerings\nDescription of the varying service models and how they align to different types of customers\nPredictions of disruptions to the MSS market in the coming years\n\nSpeaker: \nJohn Perkins\, Founder\, ThreatAngler \nJohn Perkins is the Founder of Threat Angler and brings over twenty years of cybersecurity experience. During the first fifteen years of his career at the Federal Reserve\, he contributed to nearly all cybersecurity disciplines. John spent the next five years designing\, building\, and leading managed security services with Optiv\, GuidePoint\, Insight Enterprises\, and other service providers. John’s passion is to build a sustainable managed security service focused on delivering cybersecurity value outcomes while developing cybersecurity talents in team members. URL:https://issa-centralmd.org/calendar/membership-meeting-7-22-2020/ LOCATION:Virtual via Zoom\, MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200624T170000 DTEND;TZID=America/New_York:20200624T193000 DTSTAMP:20260424T022019 CREATED:20191214T142457Z LAST-MODIFIED:20200722T102622Z UID:2974-1593018000-1593027000@issa-centralmd.org SUMMARY:Membership Meeting 6/24/2020 DESCRIPTION:Click HERE to Register for the June 2020 Virtual Meeting \nChapter Business Meeting Slides: 2020-06-24-Meeting-Presentation.pdf \nSpeaker Slides: TBD \nTopic: Cybersecurity Maturity Model Certification (CMMC) – A New\, Required DoD Cybersecurity Standard \nOn January 31\, 2020\, the DoD published a new cybersecurity standard which will be required beginning in spring\, 2020 for new acquisitions awarded to contractors who do business with DoD.  The Cybersecurity Maturity Model Certification (CMMC) framework consists of 17 domains\, five processes across five levels to measure maturity\, and 171 practices across five levels to measure technical capabilities.  DoD Program Manager’s will determine what level of maturity required to bid on new RFIs and RFPs based upon the sensitivity of the data in the contract.  Maturity Levels range from Level 1\, Basic Cyber Hygiene which is performed on an ad hoc basis up to Level 5\, Advanced / Progressive cybersecurity capabilities performed with optimized maturity.  Level 3 will be required for all future DoD acquisitions where basic Controlled Unclassified Information (CUI) will be part of the performance of the contract. \nCMMC will be implemented on a crawl\, walk\, run basis over the course of the next five years.  This spring the Accreditation Body will begin to train C3PAO organizations to certify companies.  The DoD will train their Program Managers.  Starting in June\, a few select contracts will be identified with CMMC requirements in RFIs. This fall\, CMMC requirements will appear in a few select RFPs.  The execution of a new contract will require that prime contractor and their subcontractors to achieve the appropriate level of CMMC called upon in the contract.  While details are still evolving\, it is important to prepare now!  Come learn more about these new requirements and how to get started. \nSpeaker: Dawn M Greenman\, Deputy Program Manager Cybersecurity for Johns Hopkins Applied Physics Laboratory (JHU/APL) \nDawn M Greenman is Deputy Program Manager Cybersecurity for Johns Hopkins Applied Physics Laboratory (JHU/APL).  In this position\, she oversees cybersecurity projects across the organization and assists in the oversight of JHU/APL’s cyber operations\, security engineering\, and IT compliance functions. \nOver the past 25 years\, Ms. Greenman has held positions of increasing responsibility in information technology and cybersecurity\, working for companies small to large. In 2017\, Dawn lead JHU/APL to compliance with DFARS 7012 and NIST SP 800-171.  During this time\, she recognized the struggle small organizations were having with compliance requirements and also understood compliance alone was not enough.  She started to participate in external projects and lead working groups with DoD and industry to develop strategies to improve the protection of controlled unclassified information. \nMore recently\, passionate to improve the security of the DoD supply chain\, Ms. Greenman eagerly accepted a role as Outreach Lead for the DoD Office of Sustainment and Acquisition’s Cybersecurity Maturity Model Certification (CMMC) project.  The Cybersecurity Maturity Model\, developed by JHU/APL and SEI/CERT\, delivered DoD a new common standard in cybersecurity in January 2020.  She will continue to participate in efforts to implement this new standard which will begin to be required by all defense contractors doing business with DoD as early as this summer. \nMs. Greenman holds an undergraduate degree in Information Systems with a concentration in Homeland Security.  In July 2019\, she graduated with an Executive Masters of Business Administration from The University of Maryland Robert H. Smith School Of Business.  She is a Certified Information Security Professional (CISSP) and holds the GIAC Security Essentials (GSEC) certification. \nClick HERE to Register for the June 2020 Virtual Meeting URL:https://issa-centralmd.org/calendar/membership-meeting-6-24-2020/ LOCATION:MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200527T170000 DTEND;TZID=America/New_York:20200527T193000 DTSTAMP:20260424T022019 CREATED:20191214T142322Z LAST-MODIFIED:20200527T214939Z UID:2972-1590598800-1590607800@issa-centralmd.org SUMMARY:Membership Meeting 5/27/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-05-27 Meeting Presentation \nMeeting Sponsor Slides: Semperis AD Recovery and Protection – 2020-05-27 \nSpeaker Slides: Bricata SOAR Presentation – Carl Bolterstein 2020-05-27 \nPresentation Title: SOARing into Netsec \nTraditional methods of security event management create a constant struggle to keep up with the large volumes of data produced by siloed\, highly specialized tools. This segmentation and siloing of capabilities produce a huge manual workload on already over worked and under resourced security operation staffs. \nBridging this gap in analyst and security tool capacity is the concept of security orchestration\, automation and response (SOAR). This methodology and toolset allow for cybersecurity tools to react to alerts and incidents automatically to enhance productivity. It is the process and the underlying perspectives and ideas that will be discussed during this presentation. \nSpeaker Bio: Carl Bolterstein\, Senior Solutions Engineer at Bricata \nCarl is an experienced Solution Architect and Engineer in cybersecurity. He has spent the last seven years focused on network and data cyber analysis. He has worked in the public and private sector with a wide range of customers from small business to large enterprise in the engineering and analyst capacity. He currently serves as a Senior Solutions Engineer at Bricata. \nNote: Due to the COVID-19 Coronavirus\, the May General Membership meeting will only be provided virtually via GoToWebinar. There will be no in-person meeting. \nThe May Membership Meeting is sponsored by \n \n  URL:https://issa-centralmd.org/calendar/membership-meeting-5-27-2020/ LOCATION:Virtual CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200422T170000 DTEND;TZID=America/New_York:20200422T193000 DTSTAMP:20260424T022019 CREATED:20191214T142219Z LAST-MODIFIED:20200627T022630Z UID:2970-1587574800-1587583800@issa-centralmd.org SUMMARY:Membership Meeting 4/22/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-04-22-Meeting-Presentation.pdf \nChapter Meeting Recording (122MB): Download from ISSA Central MD SharePoint\, click here \nSpeaker Slides: DevSecOps – Phil Kulp 04-22-2020 \nTopic: DevSecOps: Integrating and Maturing a Security Culture \nCybersecurity professionals have a robust suite of tools and methodologies for assessing risk to operating systems\, firewalls\, and other components but have limited resources to review webapps. As demonstrated by the Equifax breach\, which exploited a third-party library\, continuous monitoring and assessment does not always include a review of software dependencies. We rely on regular patches for commercial software and understand how to deploy updates\, but maintaining secure custom software requires development team support or integration into a DevSecOps pipeline. The lack of insight into custom software and web applications is due to limited automated review and the technical skills required to identify or understand the unique threats to an organization. \nSpeaker: Dr. Philip Kulp\,  PHK Cyber \nDr. Philip Kulp has been consulting in cybersecurity for over 20 years and programming since middle school. In his current role assessing webapps\, he combines his passion for both skills while integrating automated cybersecurity checks into the DevSecOps cycle. He also serves as a cybersecurity architect\, Incident Responder\, independent assessor\, and course creator at Cybrary. Philip seeks learning opportunities to balance his cybersecurity skills between academic\, technical\, and compliance roles. He holds the CISSP certification and two Offensive Security certifications of OSCP and OSCE. In his academic capacity\, Dr. Kulp serves as a chair\, committee member\, and mentor for doctoral students in the Ph.D. and D.Sc. programs at Capitol Technology University. \nNote: Due to the COVID-19 Coronavirus\, the April General Membership meeting will only be provided virtually via GoToWebinar. There will be no in-person meeting. \n  URL:https://issa-centralmd.org/calendar/membership-meeting-4-22-2020/ LOCATION:Virtual CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200325T170000 DTEND;TZID=America/New_York:20200325T193000 DTSTAMP:20260424T022019 CREATED:20191214T142114Z LAST-MODIFIED:20200316T030620Z UID:2968-1585155600-1585164600@issa-centralmd.org SUMMARY:Membership Meeting 3/25/2020 DESCRIPTION:Cancelled: Membership Meeting: March 25\, 2020 \nNotice: The March membership meeting has been cancelled. Due to the COVID-19 Coronavirus\, the Board of Directors of the Central MD Chapter of the Informatin System Security Association\, and in followig the guidelines of the local government and medical experts\, have decided that it is in the best interest of our members to cancel the March membership meeting. We apologize for any inconvenience. \nStay tuned for news of future metings. We are researching opportunities to virtually conduct the April meeting.  URL:https://issa-centralmd.org/calendar/membership-meeting-3-25-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200226T170000 DTEND;TZID=America/New_York:20200226T193000 DTSTAMP:20260424T022019 CREATED:20191214T141855Z LAST-MODIFIED:20200226T231508Z UID:2966-1582736400-1582745400@issa-centralmd.org SUMMARY:Membership Meeting 2/26/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-02-26 Meeting Slides \nSpeaker Slides: Business Email Compromise (BEC) \nTopic: Business Email Compromise: More Sophistication\, More Problems \nBusiness Email Compromise (BEC) is a major threat vector for the private sector. These attacks usually begin with a spear-phishing attempt\, with the intent to conduct fraudulent wire transfers or take other data from an organization. This is a very sophisticated social engineering attack\, so it’s important to understand the way this attack is conducted\, as well as how to protect oneself and an organization. This presentation will give a deep-dive into email headers\, technical issues and solutions around business email compromise attacks. While this is a technical brief\, the idea is to give attendees actionable items to take back to their organization to provide awareness and relevant security configurations. \nSpeaker: Dr. Nikki Robinson\, XLA \nNikki holds a Doctorate of Science in Cybersecurity from Capitol Technology University. Her specialization is in vulnerability management and the challenges around it. She has over 12 years in both the IT and Security fields. Nikki is a Cybersecurity Engineer with an IT background – so she brings technical descriptions to each presentation. She holds certifications in both IT and Security\, including CISSP\, CEH\, CNDA\, MCITP\, and CCAA. Nikki is excited about helping people to solve issues around vulnerability management and lower their risk profile. URL:https://issa-centralmd.org/calendar/membership-meeting-2-26-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200122T170000 DTEND;TZID=America/New_York:20200122T193000 DTSTAMP:20260424T022019 CREATED:20191214T141734Z LAST-MODIFIED:20200122T230102Z UID:2964-1579712400-1579721400@issa-centralmd.org SUMMARY:Membership Meeting 1/22/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-01-22-Meeting-Presentation.pdf \nSpeaker Slides: The Next Gen of Vulnerability Management \nTopic: The Next Gen of Vulnerability Management \nTraditionally\, Vulnerability Management has become entrenched in the CVSS scoring system which itself\, has undergone some revision to more appropriately address things like exploitability\, degree of sophistication and human intervention. While CVSS allows centralization of data and a consistent scoring system\, it falls short of adequately addressing risk from a dynamic perspective. We’ve seen the industry shift in the last few years to a realization that every vulnerability cannot be addressed\, inclusion of individual threat feeds and a more specific approach to dealing with risk. As a result\, the landscape has shifted to a pro-active approach to identify where the best value can be aimed on the vulnerabilities that are most important. \nSpeaker: Michael Morgan\, Chris Edson: Tenable Network Security \nMike Morgan & Chris Edson have been helping customers understand the need for protecting their network\, both on-prem and in the cloud for over 10 years. They have been instrumental in advocating and supporting clients to introduce\, implement\, and build out vulnerability management programs leading to a greater understanding of risk. \nPlease Note: \n\nDeadline to register is December 16th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on December 16th. Otherwise\, $20 at the door (cash or credit card). Refunds available until December 16th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting\n6:00 – 7:30 Speaker and Q&A \n  URL:https://issa-centralmd.org/calendar/membership-meeting-1-22-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191218T170000 DTEND;TZID=America/New_York:20191218T193000 DTSTAMP:20260424T022019 CREATED:20181217T022906Z LAST-MODIFIED:20191219T030224Z UID:2297-1576688400-1576697400@issa-centralmd.org SUMMARY:Membership Meeting 12/18/2019 DESCRIPTION:Sponsored by: \nChapter Business Meeting Slides: 2019-12-18-Meeting-Presentation.pdf \nSpeaker Presentation: Risk Mitigation for Cybersecurity Service Providers \nTopic: Risk Mitigation Strategies for Cybersecurity Service Providers \nEveryone is talking about “vendor risk” and “vendor management” on the client side\, but who’s looking out for the risks that your cybersecurity product or service company faces when helping those same clients by licensing a cutting-edge cyber tool\, conducting a penetration test or risk assessment\, providing post-breach forensic services\, or otherwise helping a customer deal with its privacy and data security risks?  This session will focus on a few key areas of concern when negotiating customer contracts. \nSpeaker: Razvan E. Miutescu: Business\, Technology\, and Information Governance Attorney\, Whiteford Taylor & Preston LLP \nRazvan Miutescu is a technology and information governance attorney with Whiteford\, Taylor & Preston. His practice focuses on privacy; data security; information technology transactions; licensing; and data management\, including data broker transactions\, cloud services\, and distributed ledgers/blockchain technology matters. He has been a co-chair of the Data Privacy\, Cyber Security & Technology committee of the Maryland State Bar Association since 2015 and is an active member of the tech community in the Baltimore-DC area. \nPlease Note: \n\nDeadline to register is December 16th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on December 16th. Otherwise\, $20 at the door (cash or credit card). Refunds available until December 16th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting\n6:00 – 7:30 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-12-18-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191120T170000 DTEND;TZID=America/New_York:20191120T193000 DTSTAMP:20260424T022019 CREATED:20181217T022815Z LAST-MODIFIED:20191214T165750Z UID:2295-1574269200-1574278200@issa-centralmd.org SUMMARY:Membership Meeting 11/20/2019 DESCRIPTION:Topic: Threat Informed Defense with MITRE ATT&CK™ \nChapter Business Meeting Slides: 2019-11-20-Meeting-Presentation.pdf \nSpeaker Presentation: Threat Informed Defense with MITRE ATT&CK \nThe MITRE ATT&CK framework has become a widely used knowledge base and model for real cyber adversary behavior. In use across governments\, private sector\, and security solutions providers\, ATT&CK helps to focus defenses against known threats\, provides an effective tool for measuring security improvements\, and drives innovation. \nThe session will cover the history of ATT&CK and what drove its creation at MITRE\, the philosophy behind how ATT&CK is maintained\, and several use cases for how it can be applied including behavioral analytic development\, defensive gap analysis\, and adversary emulation. \nSpeaker: Michael C. Long II\, Senior Cyber Adversarial Engineer\, The MITRE Corporation \nMichael Long is a Senior Cyber Adversarial Engineer with the MITRE Corporation and a former U.S. Army Cyber Operations Specialist. Michael has over 10 years of experience in information security disciplines including adversary threat emulation\, red teaming\, threat hunting\, and digital forensics and incident response. Michael Long has a proven track record of service in the public interest. Michael served on countless cyber operations for organizations including the Army Cyber Protection Brigade and Army Cyber Command\, the results of which he regularly briefed to commanding generals\, strategic executives\, and congressional staffers. With MITRE\, Michael continues to apply his technical expertise to improve the cybersecurity of our nations most sensitive and critical networks. Michael has a Masters Degree in Information Security Engineering from SANS Technology Institute\, and holds many information security certifications including the prestigious GIAC Security Expert certification (GSE). \nPlease Note: \n\nDeadline to register is November 18th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on November 18th. Otherwise\, $20 at the door (cash or credit card). Refunds available until November 18th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A \n  URL:https://issa-centralmd.org/calendar/membership-meeting-11-20-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191016T170000 DTEND;TZID=America/New_York:20191016T193000 DTSTAMP:20260424T022019 CREATED:20181217T022722Z LAST-MODIFIED:20191016T225533Z UID:2293-1571245200-1571254200@issa-centralmd.org SUMMARY:Membership Meeting 10/16/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-10-16-Meeting-Presentation.pdf \nSpeaker Presentation: Taking a holistic approach to an insider threat program \nSpeaker Presentation: Security Operations Maturity Model (SOMM) \nISSA Central MD is hosting an event at the National Electronic Museum to celebrate National Cybersecurity Month. \nTopic: Taking a holistic approach to an insider threat program \nThis presentation will provide insider threat mitigation strategies for every phase of the employment life cycle\, including pre-employment screening; ongoing insider threat and security training; leveraging tools like Jazz Networks for user activity monitoring\, and finally what to watch out for when an employee is leaving the organization.  We will share anecdotes from public and private sector service experience\, highlighting vulnerable areas of the employee life cycle where an insider can become an active threat.  We will also provide a brief demonstration of the Jazz Networks insider threat and detection platform.\n \nSpeaker: Charles Finfrock\, Senior Threat Investigator\, Tesla \nCharles Finfrock is a Senior Threat Investigator in Tesla’s Security Intelligence Department\, the team responsible for protecting Tesla’s Intellectual Property and confidential business information from internal and external threats. Prior to joining Tesla\, Charles spent 18 years as an operations officer in the Central Intelligence Agency. Charles is also the head of Insider Threat at the Washington DC based\, Cyber Intelligent Partners\, a training and education company focused on helping companies develop programs to counter cyber threats\, regional threats\, and insider threats. \nTopic: Security Operations Maturity Model (SOMM) \nSOMM explores how to assess and evolve the principle programs of the security operations center (SOC): threat monitoring\, threat hunting\, threat investigation\, and incident response. LogRhythm developed the Threat Lifecycle Management (TLM) framework to help organizations ideally align technology\, people\, and process in support of these programs. The TLM framework defines the critical security operations technological capabilities and workflow processes that are vital to realize an efficient and effective SOC. LogRhythm’s SOMM helps organizations measure the effectiveness of their security operations\, and to mature their security operations capabilities. Using our TLM framework\, the SOMM provides a practical guide for organizations that wish to optimally reduce their mean time to detect (MTTD) and mean time to respond (MTTR) — thereby dramatically improving their resilience to cyberthreats. \nSpeaker: Darren Cathey\, Sr. Systems Engineer\, LogRhythm \nDarren Cathey has several decades of experience in programming\, operating systems\, and applications security. His multi-functional experience in engineering\, marketing and sales lends itself well to supporting both SMB and Enterprise customers in the Mid-Atlantic territory as a Sr. Systems Engineer. Past experience includes positions with HP\, Wind River Systems\, Arxan\, Vormetric and Varonis. \n5:15 – 5:45 (Chapter Business / Food / Networking) \n6:00 – 7:30 (Presentation / Q&A) \n7:30 – 9:00 (Exploring the museum on your own or with a guide) \nNote: The October Meeting will be at the National Electronic Museum to celebrate National Cybersecurity Month. URL:https://issa-centralmd.org/calendar/membership-meeting-10-23-2019/ LOCATION:National Electronics Museum\, 1745 West Nursery Road\, Linthicum\, MD\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191008T080000 DTEND;TZID=America/New_York:20191008T100000 DTSTAMP:20260424T022019 CREATED:20190820T222219Z LAST-MODIFIED:20191008T115401Z UID:2775-1570521600-1570528800@issa-centralmd.org SUMMARY:ISSA Central MD Breakfast Meeting 10/8/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-10-08-Meeting-Presentation.pdf \nTopic: A Security Walkthrough of IAM in Light of Data Breaches in the Cloud \nIdentity has become the new perimeter in the world of api-driven infrastructures (cloud computing).  Understanding the challenges and complexity of least privilege is critical to securing your organization against data breaches in the cloud. \nSpeaker: Jonathan Villa\, Practice Director\, Cloud Security at GuidePoint Security \nJonathan Villa has over 19 years of experience as a technology consultant including 17 years of working experience in the information security field. For over 10 years Jonathan consulted to a large municipality as a senior consultant in several competencies including PCI compliance and training\, web application architecture and security\, vulnerability assessments\, trained developers in secure coding\, web application firewall administration\, and co-architected and managed an automated continuous integration environment that included static and dynamic code analysis for over 150 applications deployed to several distinct environments and platforms. Jonathan has worked with virtualization and cloud technologies since 2005 and his main focus has been on cloud security since 2010. Jonathan has worked with clients across the USA\, in South America\, and Asia to design and implement secured public and hybrid cloud environments\, integrate security into continuous integration and continuous delivery methodologies\, develop custom security solutions using the AWS SDK\, and provide guidance to customers in understanding how to manage their environments under the Shared Responsibility Model. \n  URL:https://issa-centralmd.org/calendar/issa-central-md-breakfast-meeting-10-8-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190925T170000 DTEND;TZID=America/New_York:20190925T193000 DTSTAMP:20260424T022019 CREATED:20181217T022636Z LAST-MODIFIED:20191019T131328Z UID:2291-1569430800-1569439800@issa-centralmd.org SUMMARY:Membership Meeting 9/25/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-09-25-Meeting-Presentation.pdf \nSpeaker Presentation: .govCAR: Threat Based Cyber Capability Review \nTopic: .govCAR: Threat Based Cyber Capability Review \nThe Cybersecurity and Infrastructure Security Agency (CISA) developed the .govCAR methodology to take a threat-based approach to cybersecurity risk management. .govCAR represents an evolution in managing cybersecurity —an advancement from the traditional consequence (compliance) and vulnerability (cyber hygiene) based approaches. This next-generation approach looks at cybersecurity capabilities the same way an adversary does to directly identify areas where mitigations should be applied for best defense. .govCAR creates opportunities for organizations to make their own threat-informed risk decisions and develop a prioritized approach to reducing risk to known threats. .govCAR is vendor agnostic and does not evaluate specific vendors or products. \nThe speaker will walk the audience through the concept of threat based architecture reviews and will discuss how cybersecurity threat framework and architectural cybersecurity capabilities come together to allow organizations to improve their cybersecurity posture. \nSpeaker: Branko S. Bokan\, Department of Homeland Security \nBranko Bokan is a Cybersecurity specialist with the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS). In his role\, Branko assists federal agencies to adopt the .govCAR methodology. A proud holder of all three ISC2 CISSP concentrations (ISSAP\, ISSEP\, ISSMP)\, Branko also teaches cybersecurity as an adjunct professor at a local university. URL:https://issa-centralmd.org/calendar/membership-meeting-9-25-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190828T170000 DTEND;TZID=America/New_York:20190828T193000 DTSTAMP:20260424T022019 CREATED:20181217T022545Z LAST-MODIFIED:20190828T215416Z UID:2289-1567011600-1567020600@issa-centralmd.org SUMMARY:Membership Meeting 8/28/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-08-28-Meeting-Presentation.pdf \nSpeaker Presentation: Failing-at-Cybersecurity.pdf \nTopic: Fail Secure: 20 Ways to Undermine Your Security Program \nThere’s policy\, and then there’s reality. All too often\, security teams find their efforts overridden or bypassed. Here’s some unconventional wisdom and tips on how to engage your stakeholders and keep your program moving forward. \nSpeaker: Tom Hallewell\, VP of Programs and Event for the ISSA DC Chapter \nTom Hallewell works for the Government. He’s also VP of Programs for ISSA-DC.  He’s worked in just about every area of cybersecurity\, and has the scars to prove it.  Hopefully this talk will help you avoid getting them yourself.  Tom Hallewell is the VP of Programs and Event for the ISSA DC Chapter \nPlease Note: \n\nDeadline to register is August 26th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on August 26th. Otherwise\, $20 at the door (cash or credit card). Refunds available until August 26th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-8-28-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190724T170000 DTEND;TZID=America/New_York:20190724T193000 DTSTAMP:20260424T022019 CREATED:20181217T022447Z LAST-MODIFIED:20190729T120043Z UID:2287-1563987600-1563996600@issa-centralmd.org SUMMARY:Membership Meeting 7/24/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-07-24-Meeting-Presentation.pdf \nSpeaker Presentation: Attackers-Prey-on-Uncertainty_ISSA-Central-MD.pdf \nTopic: Attackers Prey on Uncertainty: How to Fail at Threat Detection\n \nIt takes a lot of visibility and context to detect and respond to sophisticated threats. Attackers usually target data\, where enterprises have the least visibility and most uncertainty. In this session\, we’ll explore new\, sophisticated threats from inside and out\, demonstrate how easy it is for adversaries to bypass traditional controls\, and present a methodology to better protect data at scale\, improve threat detection\, and reduce uncertainty. \nSpeaker: Courtney Chau\, System Engineer at Varonis \nBringing a diverse business and technical skill set\, Courtney Chau has had the privilege of working with an elite list of clientele in the Cyber Security & Information Technology sector. Courtney’s commitment to continued learning and academic excellence provided the opportunity for a year of early completion at Virginia Tech with a B.S. in Business Information Technology\, summa cum laude\, and minor in Applied Business Computing. Courtney embarked on her professional journey in IT Risk Assurance at the multinational professional services network firm PricewaterhouseCoopers (PwC)\, providing superior client relationship management to cultivate efficient and innovative business solutions. She collaborated with multiple teams\, inter-company lines of service\, clients\, and client third-party service organizations for multiple projects regarding interfaces/configurations\, key reports\, SDLC\, and other IT general controls. Following this\, Courtney served Darktrace as a Cyber Defense Technology Specialist to manage deployments and incident responses\, ranging from small business to global firms across a variety of industries. She mentored a team of engineers and holds substantial experience covering a global territory. Presently\, she works with Varonis to serve the data security needs of large enterprise customers. \nPlease Note: \n\nDeadline to register is July 22nd at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on July 22nd. Otherwise\, $20 at the door (cash or credit card). Refunds available until July 22nd at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-7-24-2018/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190626T170000 DTEND;TZID=America/New_York:20190626T193000 DTSTAMP:20260424T022019 CREATED:20181217T022354Z LAST-MODIFIED:20190701T123836Z UID:2285-1561568400-1561577400@issa-centralmd.org SUMMARY:Membership Meeting 6/26/2019 DESCRIPTION:Chapter Meeting Registration \nPlease note the new meeting Location: Hub Spot\, 6724 Alexander Bell Drive\, Suite 105\, Columbia\, MD 21046\,  \nChapter Business Meeting Slides: 2019-06-26-Meeting-Presentation \nSpeaker Presentation: Crafting a DLP Program \nTopic: Data Loss Prevention Essentials \nA how-to primer on overcoming organizational challenges to implement a successful Data Loss Prevention program. \nAdvances in technology have prompted a rapid evolution of business processes over the last two decades. Along with the benefits provided to organizations\, these advances have brought about new types of risks. Data has become the lifeblood of organizations\, yet many do not know what data they have\, what is important\, or how it is being used. \nA Data Loss Prevention program provides insight into these new risks\, but organizations are often ill-equipped to respond to this new information or manage the associated risks. \nInfolock’s Director of Advisory Services\, Ryan Dobbins\, will discuss the three main areas required for a successful implantation: \n\nGovernance: The organizational articulation of what data is important and how it is measured\nVisibility: The technical ability to make informed decisions\nProtection: The enforcement of organization risk tolerance\n\nA successful DLP program supports and informs organizational leadership as they manage data risk and minimize the occurrence and impact of data incidents. Attendees will leave this presentation with an understanding of how to turn DLP technology into a holistic program to reduce organizational risks. \nSpeaker: Ryan Dobbins\, Director of Advisory Services\, Infolock \nRyan Dobbins is Infolock’s Director of Advisory Services and helped develop the Data Risk Management Framework (DRMF). A graduate of James Madison University\, Mr. Dobbins holds the SANS GSLC certification and is active in the Governance\, Risk\, and Compliance (GRC) community where he offers his expertise on topics such as: \n\nStrategic Data Governance\nAligning Compliance Goals with Real Security\nReducing Enterprise Risk with Data Loss Prevention\nHow to Use a Control Framework to Build a Security Program\n\nIn addition to his work at Infolock\, Mr. Dobbins was a featured speaker at VA HIMSS (2017)\, the AMC Security Conference (2017)\, the NCHICA Conference (2016)\, and the AMC Conference (2016). Prior to Infolock\, Mr. Dobbins developed and managed the information security program at a multi-billion-dollar healthcare enterprise\, including its GRC system and Security Operations Center. In this role\, Mr. Dobbins and his team worked to detect\, respond to\, and report on technical security issues. During this time\, they responded to internal and external security audits\, formed business relationships with various organizational units and provided corporate\nguidance on security related issues. The results of their findings were scored against HITRUST and internal policies and added to the GRC system for risk-tracking and remediation. Later\, these results were published to a wide audience across a number of formats\, including\nexecutive dashboards and technician remediation paths. \nPlease note new meeting schedule – June 2019 \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A \nChapter Meeting Registration URL:https://issa-centralmd.org/calendar/membership-meeting-6-26-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190522T170000 DTEND;TZID=America/New_York:20190522T193000 DTSTAMP:20260424T022019 CREATED:20181217T022300Z LAST-MODIFIED:20190523T112701Z UID:2283-1558544400-1558553400@issa-centralmd.org SUMMARY:Membership Meeting 5/22/2019 DESCRIPTION:Please note the new meeting Location: Hub Spot\, 6724 Alexander Bell Drive\, Suite 105\, Columbia\, MD 21046\,  \nTopic: RMF 2.0 for non-Federal Users \nMembership Meeting Slides: 2019-05-22 Meeting Presentation \nSpeaker Presentation: Risk Management for non-Federal Users \nLearning objectives\n1) Understanding of the NIST Risk Management Framework\n2) Briefing on the updates to Revision 2.0 of NIST 800-37\n3) Walk through of a fictitious Federal Agency system undergoing the RMF process \nThe target audience are those who have not yet dealt with the NIST RMF and would like to understand the various components and how it would apply to a specific computer system. The talk will start with the steps included in the RMF process and will end with the review of the controls within one or two control families. \nSpeaker: Joe Klein\, Mitre \nJoe Klein is a +30-year veteran of the IT\, IA\, IoT and IO domains\, with extensive experience in DoD\, US Government\, and commercial sectors. He has a long history of speaking at Computer Science\, Technology\, Security and Hacker conferences on topics such as IPv6\, Time Hacking\, Auto Hacking\, Physical Security\, Risk Management\, IoT Security\, Cybersecurity as a Business advantage\, and success in your security career. National and international speaking venues include Defcon\, BlackHat\, BSidesDC\, ISSA events\, ITU\, InfraGard\, TorCon\, SecTor\, and Security Days. \nHe also contributes his talent to standards and practices at NIST\, DoD\, SPAWAR\, IEEE\, and IETF. \nPlease note new meeting schedule – May 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and Q&A \n  URL:https://issa-centralmd.org/calendar/membership-meeting-5-22-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190424T170000 DTEND;TZID=America/New_York:20190424T193000 DTSTAMP:20260424T022019 CREATED:20181217T022201Z LAST-MODIFIED:20190515T164644Z UID:2281-1556125200-1556134200@issa-centralmd.org SUMMARY:Membership Meeting 4/24/2019 DESCRIPTION:Membership Meeting Slides: 2019-04027 Meeting Presentation \nSpeaker Presentation: Intro to Cyber Insurance \nTopic: Intro to Cyber Insurance \nCyber risk management is something that continues to evolve with the threat landscape as well as innovations in processes and technology. One of these new innovations is the emergence of cyber insurance. While it is new in terms of insurance products it has been around for several years and is quickly developing into something that many commercial organizations are starting to consider. The purpose of this presentation is to provide an overview of the cyber insurance marketplace\, the underwriting process and a shallow dive into the coverage provided by a typical policy. \nSpeaker: MICHAEL VOLK\, VP\, CYBER RISK SOLUTIONS\, PSA INSURANCE \nAs the lead for PSA’s Cyber Risk Solutions Practice\, Mike Volk is responsible for helping clients make informed decisions about cyber insurance and develop strategies to reduce cyber risk. For the past eight years he has worked in several roles where he helped individuals and organizations navigate the complex cybersecurity landscape. Mike is engaged in the cybersecurity community and currently serves on the Board of Directors for the Cybersecurity Association of Maryland\, Inc. (CAMI). Prior to joining PSA\, Mike worked with individual job-seekers\, industry experts\, as well as government organizations and contractors in areas related to cybersecurity training and workforce development. He has authored several articles on topics related to cyber risk\, cybersecurity education/training and cybersecurity workforce development. Mike contributed to Anne Arundel Community College as the Business Development Coordinator for the CyberCenter and Instructional Specialist for the Cyber and Technology Training area. He also served as the Cybersecurity Navigator and Project Coordinator for the Mayor’s Office of Employment Development in Baltimore City. \nPlease note new meeting schedule – February 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and URL:https://issa-centralmd.org/calendar/membership-meeting-4-24-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190327T170000 DTEND;TZID=America/New_York:20190327T193000 DTSTAMP:20260424T022019 CREATED:20181217T022110Z LAST-MODIFIED:20190402T170004Z UID:2279-1553706000-1553715000@issa-centralmd.org SUMMARY:Membership Meeting 3/27/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-03-27-Meeting-Presentation \nTopic: An Update on Deep Content Inspection and DLP for Government \nDeep Content Inspection!  OK right\, but what is Deep Content Inspection?  Is it the ability to work in highly regulated federal agencies?  Is it working with other vendors to ensure that file transfers are reviewed prior to allowing? Or ensuring that data transfers to removable media drives do not contain sensitive information? Is it automatically encrypting email messages that contain sensitive information in them? How about all of the above?  Today\, advanced security and data loss prevention features are needed to combat information borne threats across a wide range of technologies. \nSpeaker: Scott Messick\, Senior Sales Engineer with Clearswift  \nScott Messick is a Senior Sales Engineer with Clearswift based in New Jersey. In this role he works with the largest Clearswift customers and prospects across North and South America. Scott joined Clearswift about two years ago\, after 12 years with Credit Agricole Corporate Investment Bank (CA-CIB). While with Credit Agricole\, Scott was a Windows Technical Lead\, a Windows Platform Engineer\, a Windows Platform Group Manager and was promoted to Vice President. Scott also served on the IT and IT Security Management Committees that oversaw all North and South America IT and IT Security infrastructure operations for the Bank. \nPlease note new meeting schedule – February 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and Questions URL:https://issa-centralmd.org/calendar/membership-meeting-3-27-2019/ LOCATION:UMBC Training Centers\, 6996 Columbia Gateway Dr.\, Suite 100\, Columbia\, MD\, 21046\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190227T170000 DTEND;TZID=America/New_York:20190227T193000 DTSTAMP:20260424T022019 CREATED:20181217T022018Z LAST-MODIFIED:20190319T232821Z UID:2277-1551286800-1551295800@issa-centralmd.org SUMMARY:Membership Meeting 2/27/2019 DESCRIPTION:Meeting Presentation: 2019-02-27 Meeting Presentation \nSpeaker Presentation: Hacking Social Media – ZeroFOX \n\n\nSocial Media Protection For Dummies: Download free book\, click HERE. \nTopic: What is Social Media Security? \nSocial media security is the process of analyzing dynamic social media data in order to protect against security and business threats.. Every industry faces a unique set of risks on social\, many of which have put organizations in the press or at the center of controversy. \nSpeaker: Christopher Cullison\, VP Emerging Technologies @ ZeroFOX \nCo-founder of ZeroFOX and Vice President of Emerging Technologies\, has over 16 years of experience in the software industry. Christopher has worked with and managed large scale applications for Fortune 50 corporations\, specializing in advanced enterprise architecture solutions. His expertise includes reverse engineering\, code inspection\, dynamic integrations\, and cyber-security. Chris has worked as a consulting expert in patent litigation\, specializing in patent and prior art analysis. Besides holding multiple coding and security certifications\, he speaks regularly about innovative coding at security conferences. Chris has a Bachelors in Business Information Systems from Stevenson University. \nPlease note new meeting schedule – February 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-2-27-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190123T170000 DTEND;TZID=America/New_York:20190123T193000 DTSTAMP:20260424T022019 CREATED:20181217T021913Z LAST-MODIFIED:20190123T231913Z UID:2275-1548262800-1548271800@issa-centralmd.org SUMMARY:Membership Meeting 1/23/2019 DESCRIPTION:Meeting Presentation: 2019-01-23 Meeting Presentation \nSpeaker Presentation: What is Cyber Threat Intelligence? \nJohn Stoner and Ronnie Obenhaus will present on how gathering threat intelligence data is necessary to combat various threat actors from nation states.  Threat intelligence solutions gather raw data about emerging or existing threat actors and threats from a number of sources. CTI data is  analyzed and filtered to produce threat intelligence feeds and management reports that contain information that can be used by automated security control solutions. The primary purpose of this type of security is to keep organizations informed of the risks of advanced persistent threats\, zero-day threats and exploits\, and how to protect against them. \nSpeaker: John Stoner & Ronnie Obenhaus \nCyber Threat Intelligence Analyst John Stoner has over 18 years of experience in the national security and defense sector working a variety of roles\, including most recently as a Cyber Threat Intelligence Analyst\, Cyber Counterintelligence Analyst and Cyber Instructor. His work experience includes IT\, instruction and course design\, cyber exercise and testing\, penetration testing\, intelligence collection\, threat support\, SIGINT (Signals Intelligence)\, and Cyber Operations. He holds A+\, Net+\, CEH\, CHFI\, CEI\, CISD\, CASP and CISSP and a Computer Studies degree from UMUC. He is a huge soccer fan and coaches youth soccer. You may see his Zombie response car at unnamed government facilities. By secretly joining the Army at 19 years old\, he got started in military intelligence and then eventually government cybersecurity. \nCyber Threat Intelligence Analyst Ronnie Obenhaus is a US Army Veteran and is not good at providing additional facts for his bio. He is married and has several children (amount variable). He may or may not have pets\, but seems to like dogs. He currently is a DOD civilian at a federal cyber agency. \nAgenda: \n\n5:15 – 5:45 (Chapter Business)\n5:45 – 6:15 (Food / Networking)\n6:15 – 7:15 (Presentation / Q&A) URL:https://issa-centralmd.org/calendar/membership-meeting-1-23-2019/ LOCATION:UMBC Training Centers\, 6996 Columbia Gateway Dr.\, Suite 100\, Columbia\, MD\, 21046\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20181128T170000 DTEND;TZID=America/New_York:20181128T193000 DTSTAMP:20260424T022019 CREATED:20171112T231511Z LAST-MODIFIED:20181219T021341Z UID:1791-1543424400-1543433400@issa-centralmd.org SUMMARY:Membership Meeting 11/28/2018 DESCRIPTION:Business Meeting Slides: 2018-10-24-Meeting-Presentation.pdf \nSpeaker: Colton McQue\, Zscaler \nTopic: No Network Needed?!?! \nIt seems every day\, we are bombarded with news of yet another breach and our personal information being traded and sold on the dark web/Internet.  We lose sleep wondering if we have the right controls and policies in place to prevent our companies and our names from appearing in the next morning’s headlines.  Is it time for a different approach?  What if we could get rid of our network so we no longer had to define complex boundaries and policies?  Is it really possible to architect a system that removes all the traditional ingress and egress points?  If we resign ourselves to the fact that it’s not IF but WHEN our network gets breached….then why do we still have a network? URL:https://issa-centralmd.org/calendar/membership-meeting-11212018/ CATEGORIES:Meetings END:VEVENT END:VCALENDAR