BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Central Maryland Chapter of ISSA - ECPv6.15.20//NONSGML v1.0//EN CALSCALE:GREGORIAN METHOD:PUBLISH X-WR-CALNAME:Central Maryland Chapter of ISSA X-ORIGINAL-URL:https://issa-centralmd.org X-WR-CALDESC:Events for Central Maryland Chapter of ISSA REFRESH-INTERVAL;VALUE=DURATION:PT1H X-Robots-Tag:noindex X-PUBLISHED-TTL:PT1H BEGIN:VTIMEZONE TZID:America/New_York BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20160313T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20161106T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20170312T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20171105T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20180311T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20181104T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20190310T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20191103T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20200308T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20201101T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20210314T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20211107T060000 END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTART;TZID=America/New_York:20200826T170000 DTEND;TZID=America/New_York:20200826T193000 DTSTAMP:20260424T054301 CREATED:20191214T142719Z LAST-MODIFIED:20210316T223758Z UID:2978-1598461200-1598470200@issa-centralmd.org SUMMARY:Membership Meeting 8/26/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-08-26 Membership Meeting \nSpeaker Slides: Dell Security Operations 2.0 Transformation \nSpeaker Recording: Dell Security Operations 2.0 Transformation \nTopic: Security Operations 2.0 \nWith Dell Technologies being looked at as a key innovator is response to the rapidly changing workforce\, Bob will layout  a vision of what the next-gen security operations will begin to look like. Based on his past experience as a cybersecurity director and his current outlook within Dell Technologies\, Bob will explore how technology will drive how we assess risk\, manage and mitigate risk\, and provide situational awareness. Enablers for remote workforce\, multi-cloud operations\, and enhanced intelligence all play a role in every agency’s modernization strategy.  But should how you secure these new environments change how you think about securing the rest? \nSpeaker: Bob Nicholson\, Business Development Executive\, Dell Technologies Federal \nBob Nicholson is currently a Business Development Executive for the Dell Technologies’ Federal team with a concentration on Federal Civilian agencies. Bob has been serving in this position for 5 years but brings more than 25+ years of solutioning experience in support of the public sector. \nFor 15 years he served as a cybersecurity leader and solution architect within the federal government which included designing and implementing many enterprise solutions and establishing many best practices. Many of these as a result of Federal mandates\, Bob has a great deal of experience working within government\, in coordination with its many bodies of governance\, and throughout industry. He has transferred this knowledge and relationships into not only being a strong advocate for innovation within government\, but also a facilitator for ensuring its success. URL:https://issa-centralmd.org/calendar/membership-meeting-8-26-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200722T170000 DTEND;TZID=America/New_York:20200722T193000 DTSTAMP:20260424T054301 CREATED:20191214T142609Z LAST-MODIFIED:20210316T224103Z UID:2976-1595437200-1595446200@issa-centralmd.org SUMMARY:Membership Meeting 7/22/2020 DESCRIPTION:Chapter Business Meeting Slides: Membership Meeting 7/22/2020 \nSpeaker Slides: MSSP Market Overview \nSpeaker Recording: MSSP Market Overview \nTopic: Managed Security Services \nAn overview of the Managed Security Services market including: \n\nDefinition of MSS\nCategorization of MSS market segments and the pros and cons of each\nExplanation of why certain offerings dominate the MSS market and why other offerings are less common\nOverview of vendors and their products aligned with the common MSS offerings\nDescription of the varying service models and how they align to different types of customers\nPredictions of disruptions to the MSS market in the coming years\n\nSpeaker: \nJohn Perkins\, Founder\, ThreatAngler \nJohn Perkins is the Founder of Threat Angler and brings over twenty years of cybersecurity experience. During the first fifteen years of his career at the Federal Reserve\, he contributed to nearly all cybersecurity disciplines. John spent the next five years designing\, building\, and leading managed security services with Optiv\, GuidePoint\, Insight Enterprises\, and other service providers. John’s passion is to build a sustainable managed security service focused on delivering cybersecurity value outcomes while developing cybersecurity talents in team members. URL:https://issa-centralmd.org/calendar/membership-meeting-7-22-2020/ LOCATION:Virtual via Zoom\, MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200624T170000 DTEND;TZID=America/New_York:20200624T193000 DTSTAMP:20260424T054301 CREATED:20191214T142457Z LAST-MODIFIED:20200722T102622Z UID:2974-1593018000-1593027000@issa-centralmd.org SUMMARY:Membership Meeting 6/24/2020 DESCRIPTION:Click HERE to Register for the June 2020 Virtual Meeting \nChapter Business Meeting Slides: 2020-06-24-Meeting-Presentation.pdf \nSpeaker Slides: TBD \nTopic: Cybersecurity Maturity Model Certification (CMMC) – A New\, Required DoD Cybersecurity Standard \nOn January 31\, 2020\, the DoD published a new cybersecurity standard which will be required beginning in spring\, 2020 for new acquisitions awarded to contractors who do business with DoD.  The Cybersecurity Maturity Model Certification (CMMC) framework consists of 17 domains\, five processes across five levels to measure maturity\, and 171 practices across five levels to measure technical capabilities.  DoD Program Manager’s will determine what level of maturity required to bid on new RFIs and RFPs based upon the sensitivity of the data in the contract.  Maturity Levels range from Level 1\, Basic Cyber Hygiene which is performed on an ad hoc basis up to Level 5\, Advanced / Progressive cybersecurity capabilities performed with optimized maturity.  Level 3 will be required for all future DoD acquisitions where basic Controlled Unclassified Information (CUI) will be part of the performance of the contract. \nCMMC will be implemented on a crawl\, walk\, run basis over the course of the next five years.  This spring the Accreditation Body will begin to train C3PAO organizations to certify companies.  The DoD will train their Program Managers.  Starting in June\, a few select contracts will be identified with CMMC requirements in RFIs. This fall\, CMMC requirements will appear in a few select RFPs.  The execution of a new contract will require that prime contractor and their subcontractors to achieve the appropriate level of CMMC called upon in the contract.  While details are still evolving\, it is important to prepare now!  Come learn more about these new requirements and how to get started. \nSpeaker: Dawn M Greenman\, Deputy Program Manager Cybersecurity for Johns Hopkins Applied Physics Laboratory (JHU/APL) \nDawn M Greenman is Deputy Program Manager Cybersecurity for Johns Hopkins Applied Physics Laboratory (JHU/APL).  In this position\, she oversees cybersecurity projects across the organization and assists in the oversight of JHU/APL’s cyber operations\, security engineering\, and IT compliance functions. \nOver the past 25 years\, Ms. Greenman has held positions of increasing responsibility in information technology and cybersecurity\, working for companies small to large. In 2017\, Dawn lead JHU/APL to compliance with DFARS 7012 and NIST SP 800-171.  During this time\, she recognized the struggle small organizations were having with compliance requirements and also understood compliance alone was not enough.  She started to participate in external projects and lead working groups with DoD and industry to develop strategies to improve the protection of controlled unclassified information. \nMore recently\, passionate to improve the security of the DoD supply chain\, Ms. Greenman eagerly accepted a role as Outreach Lead for the DoD Office of Sustainment and Acquisition’s Cybersecurity Maturity Model Certification (CMMC) project.  The Cybersecurity Maturity Model\, developed by JHU/APL and SEI/CERT\, delivered DoD a new common standard in cybersecurity in January 2020.  She will continue to participate in efforts to implement this new standard which will begin to be required by all defense contractors doing business with DoD as early as this summer. \nMs. Greenman holds an undergraduate degree in Information Systems with a concentration in Homeland Security.  In July 2019\, she graduated with an Executive Masters of Business Administration from The University of Maryland Robert H. Smith School Of Business.  She is a Certified Information Security Professional (CISSP) and holds the GIAC Security Essentials (GSEC) certification. \nClick HERE to Register for the June 2020 Virtual Meeting URL:https://issa-centralmd.org/calendar/membership-meeting-6-24-2020/ LOCATION:MD CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200527T170000 DTEND;TZID=America/New_York:20200527T193000 DTSTAMP:20260424T054301 CREATED:20191214T142322Z LAST-MODIFIED:20200527T214939Z UID:2972-1590598800-1590607800@issa-centralmd.org SUMMARY:Membership Meeting 5/27/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-05-27 Meeting Presentation \nMeeting Sponsor Slides: Semperis AD Recovery and Protection – 2020-05-27 \nSpeaker Slides: Bricata SOAR Presentation – Carl Bolterstein 2020-05-27 \nPresentation Title: SOARing into Netsec \nTraditional methods of security event management create a constant struggle to keep up with the large volumes of data produced by siloed\, highly specialized tools. This segmentation and siloing of capabilities produce a huge manual workload on already over worked and under resourced security operation staffs. \nBridging this gap in analyst and security tool capacity is the concept of security orchestration\, automation and response (SOAR). This methodology and toolset allow for cybersecurity tools to react to alerts and incidents automatically to enhance productivity. It is the process and the underlying perspectives and ideas that will be discussed during this presentation. \nSpeaker Bio: Carl Bolterstein\, Senior Solutions Engineer at Bricata \nCarl is an experienced Solution Architect and Engineer in cybersecurity. He has spent the last seven years focused on network and data cyber analysis. He has worked in the public and private sector with a wide range of customers from small business to large enterprise in the engineering and analyst capacity. He currently serves as a Senior Solutions Engineer at Bricata. \nNote: Due to the COVID-19 Coronavirus\, the May General Membership meeting will only be provided virtually via GoToWebinar. There will be no in-person meeting. \nThe May Membership Meeting is sponsored by \n \n  URL:https://issa-centralmd.org/calendar/membership-meeting-5-27-2020/ LOCATION:Virtual CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200422T170000 DTEND;TZID=America/New_York:20200422T193000 DTSTAMP:20260424T054301 CREATED:20191214T142219Z LAST-MODIFIED:20200627T022630Z UID:2970-1587574800-1587583800@issa-centralmd.org SUMMARY:Membership Meeting 4/22/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-04-22-Meeting-Presentation.pdf \nChapter Meeting Recording (122MB): Download from ISSA Central MD SharePoint\, click here \nSpeaker Slides: DevSecOps – Phil Kulp 04-22-2020 \nTopic: DevSecOps: Integrating and Maturing a Security Culture \nCybersecurity professionals have a robust suite of tools and methodologies for assessing risk to operating systems\, firewalls\, and other components but have limited resources to review webapps. As demonstrated by the Equifax breach\, which exploited a third-party library\, continuous monitoring and assessment does not always include a review of software dependencies. We rely on regular patches for commercial software and understand how to deploy updates\, but maintaining secure custom software requires development team support or integration into a DevSecOps pipeline. The lack of insight into custom software and web applications is due to limited automated review and the technical skills required to identify or understand the unique threats to an organization. \nSpeaker: Dr. Philip Kulp\,  PHK Cyber \nDr. Philip Kulp has been consulting in cybersecurity for over 20 years and programming since middle school. In his current role assessing webapps\, he combines his passion for both skills while integrating automated cybersecurity checks into the DevSecOps cycle. He also serves as a cybersecurity architect\, Incident Responder\, independent assessor\, and course creator at Cybrary. Philip seeks learning opportunities to balance his cybersecurity skills between academic\, technical\, and compliance roles. He holds the CISSP certification and two Offensive Security certifications of OSCP and OSCE. In his academic capacity\, Dr. Kulp serves as a chair\, committee member\, and mentor for doctoral students in the Ph.D. and D.Sc. programs at Capitol Technology University. \nNote: Due to the COVID-19 Coronavirus\, the April General Membership meeting will only be provided virtually via GoToWebinar. There will be no in-person meeting. \n  URL:https://issa-centralmd.org/calendar/membership-meeting-4-22-2020/ LOCATION:Virtual CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200325T170000 DTEND;TZID=America/New_York:20200325T193000 DTSTAMP:20260424T054301 CREATED:20191214T142114Z LAST-MODIFIED:20200316T030620Z UID:2968-1585155600-1585164600@issa-centralmd.org SUMMARY:Membership Meeting 3/25/2020 DESCRIPTION:Cancelled: Membership Meeting: March 25\, 2020 \nNotice: The March membership meeting has been cancelled. Due to the COVID-19 Coronavirus\, the Board of Directors of the Central MD Chapter of the Informatin System Security Association\, and in followig the guidelines of the local government and medical experts\, have decided that it is in the best interest of our members to cancel the March membership meeting. We apologize for any inconvenience. \nStay tuned for news of future metings. We are researching opportunities to virtually conduct the April meeting.  URL:https://issa-centralmd.org/calendar/membership-meeting-3-25-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200226T170000 DTEND;TZID=America/New_York:20200226T193000 DTSTAMP:20260424T054301 CREATED:20191214T141855Z LAST-MODIFIED:20200226T231508Z UID:2966-1582736400-1582745400@issa-centralmd.org SUMMARY:Membership Meeting 2/26/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-02-26 Meeting Slides \nSpeaker Slides: Business Email Compromise (BEC) \nTopic: Business Email Compromise: More Sophistication\, More Problems \nBusiness Email Compromise (BEC) is a major threat vector for the private sector. These attacks usually begin with a spear-phishing attempt\, with the intent to conduct fraudulent wire transfers or take other data from an organization. This is a very sophisticated social engineering attack\, so it’s important to understand the way this attack is conducted\, as well as how to protect oneself and an organization. This presentation will give a deep-dive into email headers\, technical issues and solutions around business email compromise attacks. While this is a technical brief\, the idea is to give attendees actionable items to take back to their organization to provide awareness and relevant security configurations. \nSpeaker: Dr. Nikki Robinson\, XLA \nNikki holds a Doctorate of Science in Cybersecurity from Capitol Technology University. Her specialization is in vulnerability management and the challenges around it. She has over 12 years in both the IT and Security fields. Nikki is a Cybersecurity Engineer with an IT background – so she brings technical descriptions to each presentation. She holds certifications in both IT and Security\, including CISSP\, CEH\, CNDA\, MCITP\, and CCAA. Nikki is excited about helping people to solve issues around vulnerability management and lower their risk profile. URL:https://issa-centralmd.org/calendar/membership-meeting-2-26-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20200122T170000 DTEND;TZID=America/New_York:20200122T193000 DTSTAMP:20260424T054301 CREATED:20191214T141734Z LAST-MODIFIED:20200122T230102Z UID:2964-1579712400-1579721400@issa-centralmd.org SUMMARY:Membership Meeting 1/22/2020 DESCRIPTION:Chapter Business Meeting Slides: 2020-01-22-Meeting-Presentation.pdf \nSpeaker Slides: The Next Gen of Vulnerability Management \nTopic: The Next Gen of Vulnerability Management \nTraditionally\, Vulnerability Management has become entrenched in the CVSS scoring system which itself\, has undergone some revision to more appropriately address things like exploitability\, degree of sophistication and human intervention. While CVSS allows centralization of data and a consistent scoring system\, it falls short of adequately addressing risk from a dynamic perspective. We’ve seen the industry shift in the last few years to a realization that every vulnerability cannot be addressed\, inclusion of individual threat feeds and a more specific approach to dealing with risk. As a result\, the landscape has shifted to a pro-active approach to identify where the best value can be aimed on the vulnerabilities that are most important. \nSpeaker: Michael Morgan\, Chris Edson: Tenable Network Security \nMike Morgan & Chris Edson have been helping customers understand the need for protecting their network\, both on-prem and in the cloud for over 10 years. They have been instrumental in advocating and supporting clients to introduce\, implement\, and build out vulnerability management programs leading to a greater understanding of risk. \nPlease Note: \n\nDeadline to register is December 16th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on December 16th. Otherwise\, $20 at the door (cash or credit card). Refunds available until December 16th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting\n6:00 – 7:30 Speaker and Q&A \n  URL:https://issa-centralmd.org/calendar/membership-meeting-1-22-2020/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191218T170000 DTEND;TZID=America/New_York:20191218T193000 DTSTAMP:20260424T054301 CREATED:20181217T022906Z LAST-MODIFIED:20191219T030224Z UID:2297-1576688400-1576697400@issa-centralmd.org SUMMARY:Membership Meeting 12/18/2019 DESCRIPTION:Sponsored by: \nChapter Business Meeting Slides: 2019-12-18-Meeting-Presentation.pdf \nSpeaker Presentation: Risk Mitigation for Cybersecurity Service Providers \nTopic: Risk Mitigation Strategies for Cybersecurity Service Providers \nEveryone is talking about “vendor risk” and “vendor management” on the client side\, but who’s looking out for the risks that your cybersecurity product or service company faces when helping those same clients by licensing a cutting-edge cyber tool\, conducting a penetration test or risk assessment\, providing post-breach forensic services\, or otherwise helping a customer deal with its privacy and data security risks?  This session will focus on a few key areas of concern when negotiating customer contracts. \nSpeaker: Razvan E. Miutescu: Business\, Technology\, and Information Governance Attorney\, Whiteford Taylor & Preston LLP \nRazvan Miutescu is a technology and information governance attorney with Whiteford\, Taylor & Preston. His practice focuses on privacy; data security; information technology transactions; licensing; and data management\, including data broker transactions\, cloud services\, and distributed ledgers/blockchain technology matters. He has been a co-chair of the Data Privacy\, Cyber Security & Technology committee of the Maryland State Bar Association since 2015 and is an active member of the tech community in the Baltimore-DC area. \nPlease Note: \n\nDeadline to register is December 16th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on December 16th. Otherwise\, $20 at the door (cash or credit card). Refunds available until December 16th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting\n6:00 – 7:30 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-12-18-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191120T170000 DTEND;TZID=America/New_York:20191120T193000 DTSTAMP:20260424T054301 CREATED:20181217T022815Z LAST-MODIFIED:20191214T165750Z UID:2295-1574269200-1574278200@issa-centralmd.org SUMMARY:Membership Meeting 11/20/2019 DESCRIPTION:Topic: Threat Informed Defense with MITRE ATT&CK™ \nChapter Business Meeting Slides: 2019-11-20-Meeting-Presentation.pdf \nSpeaker Presentation: Threat Informed Defense with MITRE ATT&CK \nThe MITRE ATT&CK framework has become a widely used knowledge base and model for real cyber adversary behavior. In use across governments\, private sector\, and security solutions providers\, ATT&CK helps to focus defenses against known threats\, provides an effective tool for measuring security improvements\, and drives innovation. \nThe session will cover the history of ATT&CK and what drove its creation at MITRE\, the philosophy behind how ATT&CK is maintained\, and several use cases for how it can be applied including behavioral analytic development\, defensive gap analysis\, and adversary emulation. \nSpeaker: Michael C. Long II\, Senior Cyber Adversarial Engineer\, The MITRE Corporation \nMichael Long is a Senior Cyber Adversarial Engineer with the MITRE Corporation and a former U.S. Army Cyber Operations Specialist. Michael has over 10 years of experience in information security disciplines including adversary threat emulation\, red teaming\, threat hunting\, and digital forensics and incident response. Michael Long has a proven track record of service in the public interest. Michael served on countless cyber operations for organizations including the Army Cyber Protection Brigade and Army Cyber Command\, the results of which he regularly briefed to commanding generals\, strategic executives\, and congressional staffers. With MITRE\, Michael continues to apply his technical expertise to improve the cybersecurity of our nations most sensitive and critical networks. Michael has a Masters Degree in Information Security Engineering from SANS Technology Institute\, and holds many information security certifications including the prestigious GIAC Security Expert certification (GSE). \nPlease Note: \n\nDeadline to register is November 18th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on November 18th. Otherwise\, $20 at the door (cash or credit card). Refunds available until November 18th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A \n  URL:https://issa-centralmd.org/calendar/membership-meeting-11-20-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191016T170000 DTEND;TZID=America/New_York:20191016T193000 DTSTAMP:20260424T054301 CREATED:20181217T022722Z LAST-MODIFIED:20191016T225533Z UID:2293-1571245200-1571254200@issa-centralmd.org SUMMARY:Membership Meeting 10/16/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-10-16-Meeting-Presentation.pdf \nSpeaker Presentation: Taking a holistic approach to an insider threat program \nSpeaker Presentation: Security Operations Maturity Model (SOMM) \nISSA Central MD is hosting an event at the National Electronic Museum to celebrate National Cybersecurity Month. \nTopic: Taking a holistic approach to an insider threat program \nThis presentation will provide insider threat mitigation strategies for every phase of the employment life cycle\, including pre-employment screening; ongoing insider threat and security training; leveraging tools like Jazz Networks for user activity monitoring\, and finally what to watch out for when an employee is leaving the organization.  We will share anecdotes from public and private sector service experience\, highlighting vulnerable areas of the employee life cycle where an insider can become an active threat.  We will also provide a brief demonstration of the Jazz Networks insider threat and detection platform.\n \nSpeaker: Charles Finfrock\, Senior Threat Investigator\, Tesla \nCharles Finfrock is a Senior Threat Investigator in Tesla’s Security Intelligence Department\, the team responsible for protecting Tesla’s Intellectual Property and confidential business information from internal and external threats. Prior to joining Tesla\, Charles spent 18 years as an operations officer in the Central Intelligence Agency. Charles is also the head of Insider Threat at the Washington DC based\, Cyber Intelligent Partners\, a training and education company focused on helping companies develop programs to counter cyber threats\, regional threats\, and insider threats. \nTopic: Security Operations Maturity Model (SOMM) \nSOMM explores how to assess and evolve the principle programs of the security operations center (SOC): threat monitoring\, threat hunting\, threat investigation\, and incident response. LogRhythm developed the Threat Lifecycle Management (TLM) framework to help organizations ideally align technology\, people\, and process in support of these programs. The TLM framework defines the critical security operations technological capabilities and workflow processes that are vital to realize an efficient and effective SOC. LogRhythm’s SOMM helps organizations measure the effectiveness of their security operations\, and to mature their security operations capabilities. Using our TLM framework\, the SOMM provides a practical guide for organizations that wish to optimally reduce their mean time to detect (MTTD) and mean time to respond (MTTR) — thereby dramatically improving their resilience to cyberthreats. \nSpeaker: Darren Cathey\, Sr. Systems Engineer\, LogRhythm \nDarren Cathey has several decades of experience in programming\, operating systems\, and applications security. His multi-functional experience in engineering\, marketing and sales lends itself well to supporting both SMB and Enterprise customers in the Mid-Atlantic territory as a Sr. Systems Engineer. Past experience includes positions with HP\, Wind River Systems\, Arxan\, Vormetric and Varonis. \n5:15 – 5:45 (Chapter Business / Food / Networking) \n6:00 – 7:30 (Presentation / Q&A) \n7:30 – 9:00 (Exploring the museum on your own or with a guide) \nNote: The October Meeting will be at the National Electronic Museum to celebrate National Cybersecurity Month. URL:https://issa-centralmd.org/calendar/membership-meeting-10-23-2019/ LOCATION:National Electronics Museum\, 1745 West Nursery Road\, Linthicum\, MD\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20191008T080000 DTEND;TZID=America/New_York:20191008T100000 DTSTAMP:20260424T054301 CREATED:20190820T222219Z LAST-MODIFIED:20191008T115401Z UID:2775-1570521600-1570528800@issa-centralmd.org SUMMARY:ISSA Central MD Breakfast Meeting 10/8/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-10-08-Meeting-Presentation.pdf \nTopic: A Security Walkthrough of IAM in Light of Data Breaches in the Cloud \nIdentity has become the new perimeter in the world of api-driven infrastructures (cloud computing).  Understanding the challenges and complexity of least privilege is critical to securing your organization against data breaches in the cloud. \nSpeaker: Jonathan Villa\, Practice Director\, Cloud Security at GuidePoint Security \nJonathan Villa has over 19 years of experience as a technology consultant including 17 years of working experience in the information security field. For over 10 years Jonathan consulted to a large municipality as a senior consultant in several competencies including PCI compliance and training\, web application architecture and security\, vulnerability assessments\, trained developers in secure coding\, web application firewall administration\, and co-architected and managed an automated continuous integration environment that included static and dynamic code analysis for over 150 applications deployed to several distinct environments and platforms. Jonathan has worked with virtualization and cloud technologies since 2005 and his main focus has been on cloud security since 2010. Jonathan has worked with clients across the USA\, in South America\, and Asia to design and implement secured public and hybrid cloud environments\, integrate security into continuous integration and continuous delivery methodologies\, develop custom security solutions using the AWS SDK\, and provide guidance to customers in understanding how to manage their environments under the Shared Responsibility Model. \n  URL:https://issa-centralmd.org/calendar/issa-central-md-breakfast-meeting-10-8-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190925T170000 DTEND;TZID=America/New_York:20190925T193000 DTSTAMP:20260424T054301 CREATED:20181217T022636Z LAST-MODIFIED:20191019T131328Z UID:2291-1569430800-1569439800@issa-centralmd.org SUMMARY:Membership Meeting 9/25/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-09-25-Meeting-Presentation.pdf \nSpeaker Presentation: .govCAR: Threat Based Cyber Capability Review \nTopic: .govCAR: Threat Based Cyber Capability Review \nThe Cybersecurity and Infrastructure Security Agency (CISA) developed the .govCAR methodology to take a threat-based approach to cybersecurity risk management. .govCAR represents an evolution in managing cybersecurity —an advancement from the traditional consequence (compliance) and vulnerability (cyber hygiene) based approaches. This next-generation approach looks at cybersecurity capabilities the same way an adversary does to directly identify areas where mitigations should be applied for best defense. .govCAR creates opportunities for organizations to make their own threat-informed risk decisions and develop a prioritized approach to reducing risk to known threats. .govCAR is vendor agnostic and does not evaluate specific vendors or products. \nThe speaker will walk the audience through the concept of threat based architecture reviews and will discuss how cybersecurity threat framework and architectural cybersecurity capabilities come together to allow organizations to improve their cybersecurity posture. \nSpeaker: Branko S. Bokan\, Department of Homeland Security \nBranko Bokan is a Cybersecurity specialist with the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS). In his role\, Branko assists federal agencies to adopt the .govCAR methodology. A proud holder of all three ISC2 CISSP concentrations (ISSAP\, ISSEP\, ISSMP)\, Branko also teaches cybersecurity as an adjunct professor at a local university. URL:https://issa-centralmd.org/calendar/membership-meeting-9-25-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190828T170000 DTEND;TZID=America/New_York:20190828T193000 DTSTAMP:20260424T054301 CREATED:20181217T022545Z LAST-MODIFIED:20190828T215416Z UID:2289-1567011600-1567020600@issa-centralmd.org SUMMARY:Membership Meeting 8/28/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-08-28-Meeting-Presentation.pdf \nSpeaker Presentation: Failing-at-Cybersecurity.pdf \nTopic: Fail Secure: 20 Ways to Undermine Your Security Program \nThere’s policy\, and then there’s reality. All too often\, security teams find their efforts overridden or bypassed. Here’s some unconventional wisdom and tips on how to engage your stakeholders and keep your program moving forward. \nSpeaker: Tom Hallewell\, VP of Programs and Event for the ISSA DC Chapter \nTom Hallewell works for the Government. He’s also VP of Programs for ISSA-DC.  He’s worked in just about every area of cybersecurity\, and has the scars to prove it.  Hopefully this talk will help you avoid getting them yourself.  Tom Hallewell is the VP of Programs and Event for the ISSA DC Chapter \nPlease Note: \n\nDeadline to register is August 26th at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on August 26th. Otherwise\, $20 at the door (cash or credit card). Refunds available until August 26th at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-8-28-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190724T170000 DTEND;TZID=America/New_York:20190724T193000 DTSTAMP:20260424T054301 CREATED:20181217T022447Z LAST-MODIFIED:20190729T120043Z UID:2287-1563987600-1563996600@issa-centralmd.org SUMMARY:Membership Meeting 7/24/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-07-24-Meeting-Presentation.pdf \nSpeaker Presentation: Attackers-Prey-on-Uncertainty_ISSA-Central-MD.pdf \nTopic: Attackers Prey on Uncertainty: How to Fail at Threat Detection\n \nIt takes a lot of visibility and context to detect and respond to sophisticated threats. Attackers usually target data\, where enterprises have the least visibility and most uncertainty. In this session\, we’ll explore new\, sophisticated threats from inside and out\, demonstrate how easy it is for adversaries to bypass traditional controls\, and present a methodology to better protect data at scale\, improve threat detection\, and reduce uncertainty. \nSpeaker: Courtney Chau\, System Engineer at Varonis \nBringing a diverse business and technical skill set\, Courtney Chau has had the privilege of working with an elite list of clientele in the Cyber Security & Information Technology sector. Courtney’s commitment to continued learning and academic excellence provided the opportunity for a year of early completion at Virginia Tech with a B.S. in Business Information Technology\, summa cum laude\, and minor in Applied Business Computing. Courtney embarked on her professional journey in IT Risk Assurance at the multinational professional services network firm PricewaterhouseCoopers (PwC)\, providing superior client relationship management to cultivate efficient and innovative business solutions. She collaborated with multiple teams\, inter-company lines of service\, clients\, and client third-party service organizations for multiple projects regarding interfaces/configurations\, key reports\, SDLC\, and other IT general controls. Following this\, Courtney served Darktrace as a Cyber Defense Technology Specialist to manage deployments and incident responses\, ranging from small business to global firms across a variety of industries. She mentored a team of engineers and holds substantial experience covering a global territory. Presently\, she works with Varonis to serve the data security needs of large enterprise customers. \nPlease Note: \n\nDeadline to register is July 22nd at 5 PM.\nChapter & ISSA member’s ticket: FREE\nGuest tickets: $15 if registered by 5 PM on July 22nd. Otherwise\, $20 at the door (cash or credit card). Refunds available until July 22nd at 5pm.\n\nAgenda: \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-7-24-2018/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190626T170000 DTEND;TZID=America/New_York:20190626T193000 DTSTAMP:20260424T054301 CREATED:20181217T022354Z LAST-MODIFIED:20190701T123836Z UID:2285-1561568400-1561577400@issa-centralmd.org SUMMARY:Membership Meeting 6/26/2019 DESCRIPTION:Chapter Meeting Registration \nPlease note the new meeting Location: Hub Spot\, 6724 Alexander Bell Drive\, Suite 105\, Columbia\, MD 21046\,  \nChapter Business Meeting Slides: 2019-06-26-Meeting-Presentation \nSpeaker Presentation: Crafting a DLP Program \nTopic: Data Loss Prevention Essentials \nA how-to primer on overcoming organizational challenges to implement a successful Data Loss Prevention program. \nAdvances in technology have prompted a rapid evolution of business processes over the last two decades. Along with the benefits provided to organizations\, these advances have brought about new types of risks. Data has become the lifeblood of organizations\, yet many do not know what data they have\, what is important\, or how it is being used. \nA Data Loss Prevention program provides insight into these new risks\, but organizations are often ill-equipped to respond to this new information or manage the associated risks. \nInfolock’s Director of Advisory Services\, Ryan Dobbins\, will discuss the three main areas required for a successful implantation: \n\nGovernance: The organizational articulation of what data is important and how it is measured\nVisibility: The technical ability to make informed decisions\nProtection: The enforcement of organization risk tolerance\n\nA successful DLP program supports and informs organizational leadership as they manage data risk and minimize the occurrence and impact of data incidents. Attendees will leave this presentation with an understanding of how to turn DLP technology into a holistic program to reduce organizational risks. \nSpeaker: Ryan Dobbins\, Director of Advisory Services\, Infolock \nRyan Dobbins is Infolock’s Director of Advisory Services and helped develop the Data Risk Management Framework (DRMF). A graduate of James Madison University\, Mr. Dobbins holds the SANS GSLC certification and is active in the Governance\, Risk\, and Compliance (GRC) community where he offers his expertise on topics such as: \n\nStrategic Data Governance\nAligning Compliance Goals with Real Security\nReducing Enterprise Risk with Data Loss Prevention\nHow to Use a Control Framework to Build a Security Program\n\nIn addition to his work at Infolock\, Mr. Dobbins was a featured speaker at VA HIMSS (2017)\, the AMC Security Conference (2017)\, the NCHICA Conference (2016)\, and the AMC Conference (2016). Prior to Infolock\, Mr. Dobbins developed and managed the information security program at a multi-billion-dollar healthcare enterprise\, including its GRC system and Security Operations Center. In this role\, Mr. Dobbins and his team worked to detect\, respond to\, and report on technical security issues. During this time\, they responded to internal and external security audits\, formed business relationships with various organizational units and provided corporate\nguidance on security related issues. The results of their findings were scored against HITRUST and internal policies and added to the GRC system for risk-tracking and remediation. Later\, these results were published to a wide audience across a number of formats\, including\nexecutive dashboards and technician remediation paths. \nPlease note new meeting schedule – June 2019 \n5:15 – 5:45 Chapter Business Meeting \n6:00 – 7:30 Speaker and Q&A \nChapter Meeting Registration URL:https://issa-centralmd.org/calendar/membership-meeting-6-26-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190522T170000 DTEND;TZID=America/New_York:20190522T193000 DTSTAMP:20260424T054301 CREATED:20181217T022300Z LAST-MODIFIED:20190523T112701Z UID:2283-1558544400-1558553400@issa-centralmd.org SUMMARY:Membership Meeting 5/22/2019 DESCRIPTION:Please note the new meeting Location: Hub Spot\, 6724 Alexander Bell Drive\, Suite 105\, Columbia\, MD 21046\,  \nTopic: RMF 2.0 for non-Federal Users \nMembership Meeting Slides: 2019-05-22 Meeting Presentation \nSpeaker Presentation: Risk Management for non-Federal Users \nLearning objectives\n1) Understanding of the NIST Risk Management Framework\n2) Briefing on the updates to Revision 2.0 of NIST 800-37\n3) Walk through of a fictitious Federal Agency system undergoing the RMF process \nThe target audience are those who have not yet dealt with the NIST RMF and would like to understand the various components and how it would apply to a specific computer system. The talk will start with the steps included in the RMF process and will end with the review of the controls within one or two control families. \nSpeaker: Joe Klein\, Mitre \nJoe Klein is a +30-year veteran of the IT\, IA\, IoT and IO domains\, with extensive experience in DoD\, US Government\, and commercial sectors. He has a long history of speaking at Computer Science\, Technology\, Security and Hacker conferences on topics such as IPv6\, Time Hacking\, Auto Hacking\, Physical Security\, Risk Management\, IoT Security\, Cybersecurity as a Business advantage\, and success in your security career. National and international speaking venues include Defcon\, BlackHat\, BSidesDC\, ISSA events\, ITU\, InfraGard\, TorCon\, SecTor\, and Security Days. \nHe also contributes his talent to standards and practices at NIST\, DoD\, SPAWAR\, IEEE\, and IETF. \nPlease note new meeting schedule – May 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and Q&A \n  URL:https://issa-centralmd.org/calendar/membership-meeting-5-22-2019/ LOCATION:HubSpot—The Gathering Place on the Gateway\, 6724 Alexander Bell Drive Hub Spot\, Suite 105\, Columbia\, MD\, 21046 CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190424T170000 DTEND;TZID=America/New_York:20190424T193000 DTSTAMP:20260424T054301 CREATED:20181217T022201Z LAST-MODIFIED:20190515T164644Z UID:2281-1556125200-1556134200@issa-centralmd.org SUMMARY:Membership Meeting 4/24/2019 DESCRIPTION:Membership Meeting Slides: 2019-04027 Meeting Presentation \nSpeaker Presentation: Intro to Cyber Insurance \nTopic: Intro to Cyber Insurance \nCyber risk management is something that continues to evolve with the threat landscape as well as innovations in processes and technology. One of these new innovations is the emergence of cyber insurance. While it is new in terms of insurance products it has been around for several years and is quickly developing into something that many commercial organizations are starting to consider. The purpose of this presentation is to provide an overview of the cyber insurance marketplace\, the underwriting process and a shallow dive into the coverage provided by a typical policy. \nSpeaker: MICHAEL VOLK\, VP\, CYBER RISK SOLUTIONS\, PSA INSURANCE \nAs the lead for PSA’s Cyber Risk Solutions Practice\, Mike Volk is responsible for helping clients make informed decisions about cyber insurance and develop strategies to reduce cyber risk. For the past eight years he has worked in several roles where he helped individuals and organizations navigate the complex cybersecurity landscape. Mike is engaged in the cybersecurity community and currently serves on the Board of Directors for the Cybersecurity Association of Maryland\, Inc. (CAMI). Prior to joining PSA\, Mike worked with individual job-seekers\, industry experts\, as well as government organizations and contractors in areas related to cybersecurity training and workforce development. He has authored several articles on topics related to cyber risk\, cybersecurity education/training and cybersecurity workforce development. Mike contributed to Anne Arundel Community College as the Business Development Coordinator for the CyberCenter and Instructional Specialist for the Cyber and Technology Training area. He also served as the Cybersecurity Navigator and Project Coordinator for the Mayor’s Office of Employment Development in Baltimore City. \nPlease note new meeting schedule – February 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and URL:https://issa-centralmd.org/calendar/membership-meeting-4-24-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190327T170000 DTEND;TZID=America/New_York:20190327T193000 DTSTAMP:20260424T054301 CREATED:20181217T022110Z LAST-MODIFIED:20190402T170004Z UID:2279-1553706000-1553715000@issa-centralmd.org SUMMARY:Membership Meeting 3/27/2019 DESCRIPTION:Chapter Business Meeting Slides: 2019-03-27-Meeting-Presentation \nTopic: An Update on Deep Content Inspection and DLP for Government \nDeep Content Inspection!  OK right\, but what is Deep Content Inspection?  Is it the ability to work in highly regulated federal agencies?  Is it working with other vendors to ensure that file transfers are reviewed prior to allowing? Or ensuring that data transfers to removable media drives do not contain sensitive information? Is it automatically encrypting email messages that contain sensitive information in them? How about all of the above?  Today\, advanced security and data loss prevention features are needed to combat information borne threats across a wide range of technologies. \nSpeaker: Scott Messick\, Senior Sales Engineer with Clearswift  \nScott Messick is a Senior Sales Engineer with Clearswift based in New Jersey. In this role he works with the largest Clearswift customers and prospects across North and South America. Scott joined Clearswift about two years ago\, after 12 years with Credit Agricole Corporate Investment Bank (CA-CIB). While with Credit Agricole\, Scott was a Windows Technical Lead\, a Windows Platform Engineer\, a Windows Platform Group Manager and was promoted to Vice President. Scott also served on the IT and IT Security Management Committees that oversaw all North and South America IT and IT Security infrastructure operations for the Bank. \nPlease note new meeting schedule – February 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and Questions URL:https://issa-centralmd.org/calendar/membership-meeting-3-27-2019/ LOCATION:UMBC Training Centers\, 6996 Columbia Gateway Dr.\, Suite 100\, Columbia\, MD\, 21046\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190227T170000 DTEND;TZID=America/New_York:20190227T193000 DTSTAMP:20260424T054301 CREATED:20181217T022018Z LAST-MODIFIED:20190319T232821Z UID:2277-1551286800-1551295800@issa-centralmd.org SUMMARY:Membership Meeting 2/27/2019 DESCRIPTION:Meeting Presentation: 2019-02-27 Meeting Presentation \nSpeaker Presentation: Hacking Social Media – ZeroFOX \n\n\nSocial Media Protection For Dummies: Download free book\, click HERE. \nTopic: What is Social Media Security? \nSocial media security is the process of analyzing dynamic social media data in order to protect against security and business threats.. Every industry faces a unique set of risks on social\, many of which have put organizations in the press or at the center of controversy. \nSpeaker: Christopher Cullison\, VP Emerging Technologies @ ZeroFOX \nCo-founder of ZeroFOX and Vice President of Emerging Technologies\, has over 16 years of experience in the software industry. Christopher has worked with and managed large scale applications for Fortune 50 corporations\, specializing in advanced enterprise architecture solutions. His expertise includes reverse engineering\, code inspection\, dynamic integrations\, and cyber-security. Chris has worked as a consulting expert in patent litigation\, specializing in patent and prior art analysis. Besides holding multiple coding and security certifications\, he speaks regularly about innovative coding at security conferences. Chris has a Bachelors in Business Information Systems from Stevenson University. \nPlease note new meeting schedule – February 2019\n5:15 to 5:45 Business Meeting\n5:45 to 6:15 Networking and Dinner\n6:15 to 7:45 Speaker and Q&A URL:https://issa-centralmd.org/calendar/membership-meeting-2-27-2019/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20190123T170000 DTEND;TZID=America/New_York:20190123T193000 DTSTAMP:20260424T054301 CREATED:20181217T021913Z LAST-MODIFIED:20190123T231913Z UID:2275-1548262800-1548271800@issa-centralmd.org SUMMARY:Membership Meeting 1/23/2019 DESCRIPTION:Meeting Presentation: 2019-01-23 Meeting Presentation \nSpeaker Presentation: What is Cyber Threat Intelligence? \nJohn Stoner and Ronnie Obenhaus will present on how gathering threat intelligence data is necessary to combat various threat actors from nation states.  Threat intelligence solutions gather raw data about emerging or existing threat actors and threats from a number of sources. CTI data is  analyzed and filtered to produce threat intelligence feeds and management reports that contain information that can be used by automated security control solutions. The primary purpose of this type of security is to keep organizations informed of the risks of advanced persistent threats\, zero-day threats and exploits\, and how to protect against them. \nSpeaker: John Stoner & Ronnie Obenhaus \nCyber Threat Intelligence Analyst John Stoner has over 18 years of experience in the national security and defense sector working a variety of roles\, including most recently as a Cyber Threat Intelligence Analyst\, Cyber Counterintelligence Analyst and Cyber Instructor. His work experience includes IT\, instruction and course design\, cyber exercise and testing\, penetration testing\, intelligence collection\, threat support\, SIGINT (Signals Intelligence)\, and Cyber Operations. He holds A+\, Net+\, CEH\, CHFI\, CEI\, CISD\, CASP and CISSP and a Computer Studies degree from UMUC. He is a huge soccer fan and coaches youth soccer. You may see his Zombie response car at unnamed government facilities. By secretly joining the Army at 19 years old\, he got started in military intelligence and then eventually government cybersecurity. \nCyber Threat Intelligence Analyst Ronnie Obenhaus is a US Army Veteran and is not good at providing additional facts for his bio. He is married and has several children (amount variable). He may or may not have pets\, but seems to like dogs. He currently is a DOD civilian at a federal cyber agency. \nAgenda: \n\n5:15 – 5:45 (Chapter Business)\n5:45 – 6:15 (Food / Networking)\n6:15 – 7:15 (Presentation / Q&A) URL:https://issa-centralmd.org/calendar/membership-meeting-1-23-2019/ LOCATION:UMBC Training Centers\, 6996 Columbia Gateway Dr.\, Suite 100\, Columbia\, MD\, 21046\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20181128T170000 DTEND;TZID=America/New_York:20181128T193000 DTSTAMP:20260424T054301 CREATED:20171112T231511Z LAST-MODIFIED:20181219T021341Z UID:1791-1543424400-1543433400@issa-centralmd.org SUMMARY:Membership Meeting 11/28/2018 DESCRIPTION:Business Meeting Slides: 2018-10-24-Meeting-Presentation.pdf \nSpeaker: Colton McQue\, Zscaler \nTopic: No Network Needed?!?! \nIt seems every day\, we are bombarded with news of yet another breach and our personal information being traded and sold on the dark web/Internet.  We lose sleep wondering if we have the right controls and policies in place to prevent our companies and our names from appearing in the next morning’s headlines.  Is it time for a different approach?  What if we could get rid of our network so we no longer had to define complex boundaries and policies?  Is it really possible to architect a system that removes all the traditional ingress and egress points?  If we resign ourselves to the fact that it’s not IF but WHEN our network gets breached….then why do we still have a network? URL:https://issa-centralmd.org/calendar/membership-meeting-11212018/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20180627T170000 DTEND;TZID=America/New_York:20180627T193000 DTSTAMP:20260424T054301 CREATED:20171112T230909Z LAST-MODIFIED:20180627T220059Z UID:1781-1530118800-1530127800@issa-centralmd.org SUMMARY:Membership Meeting 06/27/2018 DESCRIPTION:Monthly ISSA Meeting Slides: Click Here \nSpeaker Slides: REnigma: A Tool to Analyze Malware \nTitle: REnigma: A Tool to Analyze Malware \n\nREnigma is an advanced semi-automated malware analysis tool designed to give enterprise network defenders a safe\, effective\, and efficient environment to manually execute and inspect malware behavior. Originally developed at the Johns Hopkins University Applied Physics Laboratory (JHU/APL) with funding from the United States Government\, REnigma uses advanced Virtual Machine Record and Replay technology to capture everything that happens inside of a virtual machine at nearly full speed and perfectly replay execution down to the instruction level. With this capability\, analysts can easily capture second stages\, defeat advanced packers\, extract IOCs from memory\, and much more. This talk will cover how REnigma works\, how REnigma is deployed within an enterprise environment\, and give a demonstration of REnigma analyzing malware.\n\n\nSpeaker: Jim Stevens\, Co-Founder Deterministic Security\, LLC \nJim Stevens is a co-founder of Deterministic Security\, LLC. He was previously employed at the Johns Hopkins University Applied Physics Laboratory (JHU/APL). At JHU/APL\, Jim co-lead the Malware Laboratory\, co-lead the REnigma project\, and invented Guard Lines\, a patented CPU-based technology designed to prevent memory corruption exploits in real time. He holds a B.S. in Computer Engineering from the University of Kansas\, an M.S. in Computer Science from the University of Arkansas-Fayetteville\, and is a Ph.D. candidate in Computer Science at the University of Maryland-College Park. URL:https://issa-centralmd.org/calendar/membership-meeting-06272018/ LOCATION:Parsons\, 110 Samuel Morse Drive\, Suite 200\, Columbia\, MD\, 21046\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20171213T170000 DTEND;TZID=America/New_York:20171213T210000 DTSTAMP:20260424T054301 CREATED:20161026T222757Z LAST-MODIFIED:20171217T020444Z UID:1127-1513184400-1513198800@issa-centralmd.org SUMMARY:Membership Meeting 12/13/17 DESCRIPTION:ISSA Business Meeting Presentation slides: 2017-12-13 Meeting Presentation \n\nSpeaker slides: Enhancing Information Security in Microsoft Office 365 12-13-2017 \nClear Swift Case Study: Clearswift_Volusia_Schools_Case_Office365_Study \nTopic: Enhancing Information Security in Microsoft Office 365 \nMany organizations across various verticals have either moved or are strongly considering a move to Office 365.  Yet\, these systems represent a substantial threat of data loss due to hackers\, phishing and insider threats – and the threat landscape is continually evolving. Today\, advanced security and data loss prevention features are needed to combat information borne threats across email – from within and outside the organization. However\, Microsoft Office 365 only has basic security features. This presentation will examine that threat landscape and Clearswift’s or other Secure Email Gateway’s ability to substantially enhance Office 365 security via an integrated approach \n\n\n\nSpeaker: Scott Messick\, Senior Sales Engineer\, ClearSwift \nScott Messick is a Senior Sales Engineer with Clearswift based in New Jersey. In this role he works with the largest Clearswift customers and prospects across North and South America. Scott joined Clearswift about one year ago\, after 12 years with Credit Agricole Corporate Investment Bank (CA-CIB). While with Credit Agricole\, Scott was a Windows Technical Lead\, a Windows Platform Engineer\, a Windows Platform Group Manager and was promoted to Vice President. Scott also served on the IT and IT Security Management Committees that oversaw all North and South America IT and IT Security infrastructure operations for the Bank. URL:https://issa-centralmd.org/calendar/membership-meeting-12/ LOCATION:National Electronics Museum\, 1745 West Nursery Road\, Linthicum\, MD\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20171115T170000 DTEND;TZID=America/New_York:20171115T190000 DTSTAMP:20260424T054301 CREATED:20161026T222716Z LAST-MODIFIED:20171115T232417Z UID:1125-1510765200-1510772400@issa-centralmd.org SUMMARY:Membership Meeting 11/15/2017 DESCRIPTION:ISSA Business Meeting Presentation slides: 2017-11-15-Meeting-Presentation\nISSA Chapter Outreach: ISSA Chapter Outreach 11_2017\nSpeaker slides: Lessons Learned from the Life of a Security Consultant \nTopic:Secure InfoSec Observations from the Life of a Security Consultant \nWhat’s the difference between companies that have solid\, mature information security programs and ones that seem to be constantly struggling to keep up? After working with many companies across multiple verticals and varied sizes\, there are plenty of lessons to be learned from observations made across the industry. We will be taking a closer look at a few key information security trends and how you and your organization can improve your information security posture. \n\n\n\nSpeaker: Seth Lucci\, GuidePoint Security\, LLC \nSeth Lucci is a Senior Security Consultant at GuidePoint Security.  Since 2001\, his career has included experience in multiple disciplines and includes over 10 years as a Federal contractor supporting Information Technology (IT) security\, information assurance\, configuration\, program and project management\, systems engineering\, quality assurance\, finance\, and business development.  He is a subject matter expert (SME) in implementing NIST-based risk management frameworks in the commercial and federal workspace.  Seth has been a trusted advisor to C-suite executives in addressing their needs for IT strategic plans\, IT transformations\, IT risk management\, governance\, frameworks\, and business process improvements. \nMore recently\, Seth has been consulting clients on Payment Card Industry Data Security Standard (PCI DSS) reviews and compliance.  Some of his clients include: NGA\, DIA\, NATO\, and Freddie Mac.  Seth’s compliance-related initiatives focus on a myriad of associated federal (DOD and IC)\, as well as commercial standards such as: FISMA\, STIGs\, NIST 800 Series\, DCID 6/3\, ICD 503\, PCI DSS and ISO. \nSeth earned a Bachelor of Business Administration degree in Marketing from Radford University and a Master of Business Administration degree from Marymount University. \n  URL:https://issa-centralmd.org/calendar/membership-meeting-11/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20171025T170000 DTEND;TZID=America/New_York:20171025T190000 DTSTAMP:20260424T054301 CREATED:20161026T222627Z LAST-MODIFIED:20171025T221122Z UID:1123-1508950800-1508958000@issa-centralmd.org SUMMARY:Membership Meeting 10/25/2017 DESCRIPTION:  \nBusiness Meeting Slide Presentation: 2017-10-25-Meeting-Presentation.pdf \nISSA Chapter Outreach: SIG-LIaisons-Decks-4Q_2017.pdf \nSpeaker slides: TBD \nTopic:Secure SDLC: The Missing Link in the Supply Chain \nIn recent years\, the global supply chain has become the new “playground for hackers”. With supply chain inherently having numerous links (from suppliers to manufacturers to distributors)\, the number of potentially exploitable relationships makes it an attractive target. This presentation includes the ‘how’ and the ‘why’ of supply chain attacks and describes several notable malware campaigns affecting supply chain in multiple industries \n\n\n\nSpeaker: Chris Hall\, Wapack Labs \nChris has been in the intelligence community for over 16 years in various capacities including SIGINT\, network defense\, reverse-engineering\, and fusion. In 2012\, Chris moved from the government to the private sector to help form the Red Sky alliance and then co-found Wapack Labs in 2013. As a partner at Wapack Labs\, Chris’s main responsibility is to oversee the production\, sourcing\, and collection of intelligence. \n  URL:https://issa-centralmd.org/calendar/membership-meeting-10/ LOCATION:Parsons\, 110 Samuel Morse Drive\, Suite 200\, Columbia\, MD\, 21046\, United States CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20170927T170000 DTEND;TZID=America/New_York:20170927T190000 DTSTAMP:20260424T054301 CREATED:20161026T222536Z LAST-MODIFIED:20171002T003918Z UID:1121-1506531600-1506538800@issa-centralmd.org SUMMARY:Membership Meeting 9/27/17 DESCRIPTION:ISSA Business Meeting Slide Presentation: 2017-09-27-Meeting-Presentation.pdf\nSpeaker slides: SDLC: How to Get Adoption \nTopic:Secure SDLC: How to Get Adoption\n\n\n\nMost companies have some form of a security initiative for custom applications.  Whether this is driven by regulations\, a past incident\, executive awareness or other factors\, development managers understand the need to promote and/or enforce secure development practices.  While striving for consistently secure code and continually improving code security is a goal development teams share\, actually achieving that relies on the enthusiasm of individual developers.  Based on hundreds of customers across many industries over the course of 10 years\, we will discuss common practices for building application security into the SDLC\, and note which ones have been the most successful.  We will also offer ideas on emerging practices that may further promote application security in process. \nSpeaker: Curtis Bragdon\, Director of Sales\, Code Dx\nCurtis Bragdon has over 20 years’ experience designing and deploying software systems\, helping teams design more secure software\, and selling technical tools throughout the enterprise.  Over the past 10 years\, he has focused on cybersecurity at the network and application level\, helping hundreds of companies secure their systems.  At Code Dx\, he helps companies build security into the Software Development Lifecycle URL:https://issa-centralmd.org/calendar/membership-meeting-9/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20170823T170000 DTEND;TZID=America/New_York:20170823T190000 DTSTAMP:20260424T054301 CREATED:20161026T222445Z LAST-MODIFIED:20170927T223121Z UID:1119-1503507600-1503514800@issa-centralmd.org SUMMARY:Membership Meeting 8/23/2017 DESCRIPTION:ISSA Business Meeting Presentation slides: 2017-08-23-Meeting-Presentation.pdf\nISSA Chapter Outreach: ISSA Chapter Outreach 08_2017.pdf\nSpeaker slides: Threat Lifecycle Management \n\n\nTopic:Threat Lifecycle Management\n\n\n\n\nWhy having a response strategy to cyber incidents is just as important as a prevention strategy and leveraging co-managed services as a force-multiplier to make the most of your security program. \nSpeaker: Michelle C. Lapuente\, LogRhythm\, Regional Sales Manager  \nMichelle C Lapuente has been with LogRhythm for over five years with previous experience at Dell and other tech start-ups.  She comes most recently from the banking and finance industry.  A graduate of the University of Texas at Austin in Economics and Spanish\, Michelle is focused to helping security professionals solve security challenges within their organizations.  Additionally\, she is a six time Ironman finisher\, a fan of wine\, and dogs. \n  URL:https://issa-centralmd.org/calendar/membership-meeting-8/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20170726T170000 DTEND;TZID=America/New_York:20170726T190000 DTSTAMP:20260424T054301 CREATED:20161026T222343Z LAST-MODIFIED:20170726T030532Z UID:1117-1501088400-1501095600@issa-centralmd.org SUMMARY:Membership Meeting 7/26/17 DESCRIPTION:ISSA Business Meeting Presentation slides: 2017-07-26-Meeting-Presentation.pdf \n\nSpeaker slides: Contemporary Challenges for Cloud Service Providers Seeking FedRAMP Compliance\n  \nTopic:Contemporary Challenges for Cloud Service Providers Seeking FedRAMP Compliance \n\nThe Federal Risk and Authorization Management Program\, FedRAMP\, is a government-wide assessment and compliance program providing a standardized approach for Cloud Service Providers (CSP) and other organizations delivering SaaS and related products and services to government clients. Although FedRAMP is a well thought out and structured framework\, CSPs and other providers will invariably face serious challenges when seeking an assessment\, potentially resulting in significant losses in time\, money\, and reputation if not prepared.  Engaging knowledgeable advisory services and experienced third-party assessors is essential to successful outcomes and greater business opportunity. \nSpeaker: Jeff Roth\, NCC Group Security Services\, Inc. \n\nJeff Roth is a Regional Director in NCC Group’s Risk Management and Governance organization. He has over 30 years as a global information assurance specialist and cybersecurity engineer delivering excellence in consulting to government\, commercial\, and non-profit organizations. Jeff’s achievements include: \n– Member of the NIST Cybersecurity Working Group that developed the National Initiative for Cybersecurity Education training course.\n– Contributor and SME for the 4th and 5th editions of COBIT and COBIT 5 for Security.\n– Co-author of the ISACA 26th Edition of the 2016 CISA Review Manual\n– 2006 recipient of the ISACA’s John Kuyers Best Speaker/Conference Contributor Award \nPrior to working at NCC Group Jeff served as a US Air Force Information Assurance Officer\, Special Operations Command Cybersecurity Engineer\, Director of Technology Risk Management Service at RSM McGladrey\, and Manager of Internal Audit and Government Relations for the United Space Alliance (Prime Contractor for the NASA Space Shuttle Program) where he was awarded the NASA Astronauts Achievement Award – “Silver Snoopy” \nHis professional credentials include CISSP-ISSEP\, CISA\, and CGEIT \n  URL:https://issa-centralmd.org/calendar/membership-meeting-7/ CATEGORIES:Meetings END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20170628T170000 DTEND;TZID=America/New_York:20170628T190000 DTSTAMP:20260424T054301 CREATED:20161026T222244Z LAST-MODIFIED:20170628T220519Z UID:1115-1498669200-1498676400@issa-centralmd.org SUMMARY:Membership Meeting 6/28/17 DESCRIPTION:  \n\n\nBusiness Meeting Slides: Click Here\n\nTopic: Cyber Innovation\nWhile invention can be defined as creating something new\, “innovation” is applying an invention or creative idea in a different way that adds value to the customer or user.  Innovative ideas are not limited to new technology\, but can occur in policy\, concept of operations\, process and other areas.  For example\, there is potential synergy between corporate IT/SOCs\, cyber R&D\, and the cyber security applied to critical mission systems.  However\, exploiting this synergy is not free\, and many organizations struggle in applying the tools they develop to the real-life problems their SOC operators encounter on a daily basis.  This talk will cover innovative ideas stemming from this cyber-related synergy\, and where it has led to new approaches in malware analysis\, network architecture\, multi-organization collaboration\, visualization of the battle space\, and automated cyber response. \nSpeaker: Michael Misumi\, CIO\, Johns Hopkins University Applied Physics Lab (APL) \n\nMichael Misumi serves as the Chief Information Officer and Head of the Information Technology Service Department at the Applied Physics Laboratory (APL) at Johns Hopkins University. Prior to his current position he was at the RAND Corp. in Santa Monica\, Calif.\, where he was deputy CIO. He led the operational Cyber Strategy development at both organizations\, he is the APL Cyber Response Incident Lead\, and he led a Cyber Security review of all of Johns Hopkins (including the university\, medical center\, and hospitals). Misumi\, who has an MBA from the UCLA Anderson School of Management and a bachelor’s degree in English from UCLA\, has over 20 years experience developing information technology strategy\, security operations\, project portfolio management\, network operations\, data center operations\, desktop administration and personnel management. The 300-person Information Technology Service Department develops and maintains software for APL business applications; its experts also serve on the front lines of cyber-protection\, securing APL networks from hackers and other outside threats. Misumi leads the Navy UARC Cyber Security Task Force\, serves on the USSTRATCOM Strategic Advisory Group (SAG) IT Task Force and the Computer Advisory Committee for Oakridge National Laboratory\, and is a Board member for the Howard County School System Cyber Security program (ARL). \n  URL:https://issa-centralmd.org/calendar/membership-meeting-6/ CATEGORIES:Meetings END:VEVENT END:VCALENDAR