Topic: Security Architecture in the Age of Covid Security Architecture was hard enough, but then Covid sent all of your employees home. A Remote Access infrastructure meant for a fraction of your employees now had to support everyone. Three years later … Continued
Topic: Risk-Based Security With so many cybersecurity technologies and services available, how do organizations get started with evaluating the managed detection and response (MDR) option that is right for them? Lyndon Brown, Pondurance Chief Strategy Officer weighs in on how … Continued
Topic: Ransomware: A Risk Management Strategy Organizations’ globally are dealing with a scourge in ransomware. Just note the following statistics: Experts estimate that a ransomware attack will occur every 11 seconds in 2021. (Cybercrime Magazine, 2019) and The average ransom … Continued
Topic: Supply Chain Security: Supplier/Contractor Relationships In Negotiated Contracts Over the past 5 years, the world has seen unprecedented interest-in and allocation-of resources toward Cyber Security in both the public and private sectors. The Supply-Chain has been stressed to its very limits … Continued
Topic: CSI:Cyber – What did they get wrong and right? In 2015, CBS launched the 4th spin-off of the original CSI TV show called CSI:Cyber. The show focused on an FBI unit that worked to solve various cyber-crimes such as … Continued
Topic: Active Shooter/Assailant Preparedness for Business and Schools The world seems to have gotten more intense and scarier since the pandemic started in early 2020. Although we have seemed to have come back to some sense of normalcy in 2022, … Continued
The August ISSA membership meeting is sponsored by Beyond Identity Topic: Supply Chain Security: Preventing Second Hand or Counterfeit Computing Device Components Increasingly, large enterprise customers are requiring Original Design Manufacturers (ODMs) and/or Original Equipment Manufacturers (OEM) to show demonstrable … Continued
Topic: Chernovite’s Pipedream Gain an in-depth look at old case studies and new research across 2021 highlighting new ICS threat groups, vulnerabilities, and insights from the field including incident response case studies of previously unreported incidents. This session will give … Continued
Topic: Achieving Vital Network Visibility and Proactive Threat Hunting with Network Detection and Response Enterprise networks are experiencing a deluge of highly sophisticated threats from motivated attackers. Cloud computing, remote working, and traffic encryption expand the attack surface while making … Continued
Topic: Achieving Vital Network Visibility and Proactive Threat Hunting with Network Detection and Response Enterprise networks are experiencing a deluge of highly sophisticated threats from motivated attackers. Cloud computing, remote working, and traffic encryption expand the attack surface while making threats … Continued
Topic: PowerShell Remoting One of the powers of PowerShell is its ability to send commands to multiple machines at once. In this brief overview, I will cover all the various ways to use PowerShell remoting to accomplish your tasks. We will be connecting … Continued
January Membership Meeting is Proudly Sponsored by ASPG Topic: Human Security Engineering: Stop Relying on the Failed Human Firewall While the main perception is that the “user problem” is due to a malicious party trying to trick well intentioned users, … Continued
Topic: Emerging Technologies, Existing Policies and Architectures This presentation we will discuss current architectures and policies and how it’s hard to match the speed of change. That the coalition of the willing can create change through sharing and leveraging the … Continued
January Membership Meeting is Proudly Sponsored by: Chapter Business Meeting Slides: 2022-01-26 Meeting Slides Speaker Slides: Internet Crimes Against Children – Joe Dugan – 2022-01-26 Topic: Origin and Mission of the ICAC Task Force The presentation will explain the origin … Continued
Topic: Reducing Advanced Threat Dwell-Time with Behavior Analytics Discussion on Security gap covered using Behavior analytics, both in the enterprise and cloud. We will discuss the traditional methods, quick overview of Behavior detection, value prop and operationalizing in a small team. … Continued
Chapter Business Meeting Slides: 2021-11-18 Meeting Slides Speaker Slides: TBD Topic: Protecting and Securing Data Billions of people around the world rely on operations conducted across the space enterprise. Space systems support critical functions including navigation, communications, agriculture, financial exchange, and … Continued
Chapter Business Meeting Slides: 2021-10-27 Meeting Slides Topic: Intellectual Property Espionage Cliff will talk about an intellectual property espionage case study and discuss how focused curiosity can help you develop solutions. Speaker: Cliff Stoll, Founder of Acme Klein Bottles Dr. … Continued
Topic: Zero Trust Is Not a Destination, But A Continual Journey As you are aware, there is a lot of confusion on what “Zero Trust” is. Most of this comes from different technology manufacturers marketing their products as the solution … Continued
Topic: Getting to Know your Pi-Hole: Implementing advanced DNS security at home and small office The powerful DNS Sinkhole technology has been used by corporations to help defend networks for years. Recently, this technology has been made available for home … Continued
Topic: Getting to Know your Pi-Hole: Implementing advanced DNS security at home and small office The powerful DNS Sinkhole technology has been used by corporations to help defend networks for years. Recently, this technology has been made available for home … Continued
June 23 @ 5:00 PM – 7:30 PM Chapter Business Meeting Slides: 2021-06-23 Meeting Slides Meeting and Speaker Recording: Click Here Topic: Cyber Crime Speaker: Amber Schroader, CEO & Founder, Paraben Corporation Over the past three decades, Ms. Schroader has been a driving force for innovation in … Continued
Topic: Minorities in Cyber – A STEM Perspective on the Challenges and Successes Faced by Professionals in the Field Ms. Dickens will discuss the various Cybersecurity and Technology programs she’s lead throughout her 20-year STEM career. Among her success, she has also faced challenges as a Cybersecurity leader … Continued
Chapter Business Meeting Slides: 2021-04-28 Meeting Presentation Speaker Slides: 2021-04-28 3Step_Approach_SASupply Chain Topic: Cybersecurity Awareness: A 3-Step approach to Cybersecurity Preparedness and Operational Resiliency The challenges created by accelerating technological innovation have reached new levels of complexity and scale. Governments, … Continued
Topic: Medical Device Security: A Thing Smart People Do As the global medical device market has expanded, so too has there been an increasing demand for the cyber professionals necessary to secure these systems and ensure their safe clinical operation. The … Continued
Topic: Lockpicking 101 The session will begin with a 15 presentation on primer on the pin picking (SPP) of pin and tumbler locks following by a 30-minute demonstration/interactive session. Participants are welcomed to purchase equipment to work along with the … Continued
Topic: Simulating Adversary Tradecraft with Atomic Red Team and the Red Canary Threat Detection Report We plan to discuss two important resources that leading teams are using to improve their security: 2020 Threat Detection Report: Red Canary’s annual in-depth analysis … Continued
Topic: Reducing The Risk of Unapproved and Rogue Devices Sepio delivers a Hardware Access Control (HAC) platform that reduces the risk of unapproved and rogue devices by providing complete visibility, control, and mitigation of all hardware assets. Sepio’s hardware fingerprinting, … Continued
Chapter Business Meeting Slides: 2020-12-16 Membership Meeting Speaker Slides: Least Privilege with PowerShell JEA Topic: PowerShell JEA PowerShell JEA allows us Systems Administrators to empower our fellow admins, developers, and security personal to accomplish what they need to on our … Continued
Topic: Roles of Artificial Intelligence and Deep Learning in Detecting Data Exfiltration Essential Internet services are vital for many aspects of modern living, yet those services remain valuable to threat actors who use them for network intrusions and data exfiltration. Dr. … Continued
Topic: Lessons Learned from 30 Years of Security Awareness Efforts Organisations acknowledge that employees are often the weakest link, yet efforts to improve ‘user awareness’ tend to rely upon available tools and not true experience. Drawing on three decades of … Continued
Topic: A Study on Drone Forensics Framework As consumer unmanned aircraft systems (UAS) or drones are used more commonly in public areas, an approach for a drone forensics framework is needed to guide forensics investigators in analyzing recovered drones that … Continued
The $80 million fine issued to Capital One for its 2019 data breach has put a spotlight on data security in the cloud. Banks can protect themselves by making sure open-source software is updated, more tightly restricting data permissions and … Continued
Chapter Business Meeting Slides: 2020-08-26 Membership Meeting Speaker Slides: Dell Security Operations 2.0 Transformation Topic: Security Operations 2.0 With Dell Technologies being looked at as a key innovator is response to the rapidly changing workforce, Bob will layout a vision of what the next-gen … Continued
The unprecedented COVID-19 has caused a major shutdown of economy. But the purpose of this article is discussing how to minimize downside risks, while maximizing upside opportunities? How do we rethink: (1) helping our clients? our memberships? (2) learning and … Continued
July 22 @ 5:00 pm – 7:30 pm Chapter Business Meeting Slides: Membership Meeting 7/22/2020 Speaker Slides: MSSP Market Overview Topic: Managed Security Services An overview of the Managed Security Services market including: Definition of MSS Categorization of MSS market segments and the pros and … Continued
Chapter Business Meeting Slides: Meeting Slides 6/24/2020 Speaker Slides: TBD Topic: Cybersecurity Maturity Model Certification (CMMC) – A New, Required DoD Cybersecurity Standard On January 31, 2020, the DoD published a new cybersecurity standard which will be required beginning in … Continued
Chapter Business Meeting Slides: 2020-05-27 Meeting Presentation Meeting Sponsor Slides: Semperis AD Recovery and Protection – 2020-05-27 Speaker Slides: Bricata SOAR Presentation – Carl Bolterstein 2020-05-27 Presentation Title: SOARing into Netsec Traditional methods of security event management create a constant struggle to … Continued
Topic: DevSecOps: Integrating and Maturing a Security Culture Cybersecurity professionals have a robust suite of tools and methodologies for assessing risk to operating systems, firewalls, and other components but have limited resources to review webapps. As demonstrated by the Equifax … Continued
Chapter Business Meeting Slides: 2020-02-26 Meeting Slides Speaker Slides: Business Email Compromise (BEC) Topic: Business Email Compromise: More Sophistication, More Problems Business Email Compromise (BEC) is a major threat vector for the private sector. These attacks usually begin with a spear-phishing attempt, … Continued
Chapter Business Meeting Slides: 2020-01-22-Meeting-Presentation.pdf Speaker Slides: The Next Gen of Vulnerability Management Topic: The Next Gen of Vulnerability Management Traditionally, Vulnerability Management has become entrenched in the CVSS scoring system which itself, has undergone some revision to more appropriately address … Continued
Topic: Risk Mitigation Strategies for Cybersecurity Service Providers Everyone is talking about “vendor risk” and “vendor management” on the client side, but who’s looking out for the risks that your cybersecurity product or service company faces when helping those same … Continued
Topic: Threat Informed Defense with MITRE ATT&CK™ Chapter Business Meeting Slides: 2019-11-20-Meeting-Presentation.pdf The MITRE ATT&CK framework has become a widely used knowledge base and model for real cyber adversary behavior. In use across governments, private sector, and security solutions providers, ATT&CK … Continued
Chapter Business Meeting Slides: 2019-10-16-Meeting-Presentation.pdf Speaker Presentation: ISSA Central MD is hosting an event at the National Electronic Museum to celebrate National Cybersecurity Month. Topic: Taking a holistic approach to an insider threat program This presentation will provide insider threat mitigation … Continued
Chapter Business Meeting Slides: 2019-10-08-Meeting-Presentation.pdf Topic: A Security Walkthrough of IAM in Light of Data Breaches in the Cloud Identity has become the new perimeter in the world of api-driven infrastructures (cloud computing). Understanding the challenges and complexity of least … Continued
Chapter Business Meeting Slides: 2019-09-25-Meeting-Presentation.pdf Speaker Presentation: .govCAR: Threat Based Cyber Capability Review The Cybersecurity and Infrastructure Security Agency (CISA) developed the .govCAR methodology to take a threat-based approach to cybersecurity risk management. .govCAR represents an evolution in managing cybersecurity … Continued
Chapter Business Meeting Slides: 2019-08-28-Meeting-Presentation.pdf Speaker Presentation: Failing-at-Cybersecurity.pdf Topic: Fail Secure: 20 Ways to Undermine Your Security Program There’s policy, and then there’s reality. All too often, security teams find their efforts overridden or bypassed. Here’s some unconventional wisdom and tips … Continued
Chapter Business Meeting Slides: 2019-07-24-Meeting-Presentation.pdf Speaker Presentation: Attackers-Prey-on-Uncertainty_ISSA-Central-MD.pdf Topic: Attackers Prey on Uncertainty: How to Fail at Threat Detection It takes a lot of visibility and context to detect and respond to sophisticated threats. Attackers usually target data, where enterprises have … Continued
Membership Meeting June 26, 2019 Chapter Business Meeting Slides: 2019-06-26-Meeting-Presentation Speaker Presentation: Crafting A DLP Program Topic: Data Loss Prevention Essentials A how-to primer on overcoming organizational challenges to implement a successful Data Loss Prevention program. Advances in technology have prompted … Continued
Topic: RMF 2.0 for non-Federal Users Membership Meeting Slides: 2019-05-22 Meeting Presentation Speaker Presentation: Risk Management for non-Federal Users Learning objectives 1) Understanding of the NIST Risk Management Framework 2) Briefing on the updates to Revision 2.0 of NIST 800-37 3) … Continued
Membership Meeting: 04/24/2019 Speaker Presentation: Intro to Cyber Insurance Topic: Intro to Cyber Insurance Cyber risk management is something that continues to evolve with the threat landscape as well as innovations in processes and technology. One of these new innovations … Continued
Chapter Business Meeting Slides: 2019-03-27-Meeting-Presentation Topic: An Update on Deep Content Inspection and DLP for Government Deep Content Inspection! OK right, but what is Deep Content Inspection? Is it the ability to work in highly regulated federal agencies? Is it … Continued
Meeting Presentation: 2019-02-27 Meeting Presentation Speaker Presentation: Hacking Social Media – ZeroFOX Social Media Protection For Dummies: Download free book, click HERE. Topic: What is Social Media Security? Social media security is the process of analyzing dynamic social media data in order to … Continued
Meeting Presentation: 2019-01-23 Meeting Presentation Speaker Presentation: What is Cyber Threat Intelligence? John Stoner and Ronnie Obenhaus will present on how gathering threat intelligence data is necessary to combat various threat actors from nation states. Threat intelligence solutions gather raw data … Continued
ISSA Central MD Chapter Meeting Presentation: 2018-12-19-Meeting-Presentation.pdf Speaker Presentation: Human Securty Officer Topic: Creating a Human Security Officer While everyone acknowledges that users are the top security vulnerability, they rely upon awareness to solve the problem, despite the fact that awareness is … Continued
Business Meeting Slides: 2018-10-24-Meeting-Presentation.pdf Speaker: Colton McQue, Zscaler Topic: No Network Needed?!?! It seems every day, we are bombarded with news of yet another breach and our personal information being traded and sold on the dark web/Internet. We lose sleep wondering … Continued
October 24, 2018 General Meeting General Meeting Slides: 2018-10-24-Meeting-Presentation.pdf Speaker Presentation: The devil is in the details Speaker: Greg Schwartzkopf, Fortinet Greg Schwartzkopf is a Sr. Systems Engineering Director at Fortinet, Inc. with 22 years active in cybersecurity. As a reformed hacker, … Continued
My very first post! So, here it is. My first Blog entry. Welcome, pioneer – I’ll try not to let you down too badly. Who am I, and why should you read what I have to say? The truth is, … Continued
Speaker: Chris Hauser, Senior Security Engineer, Imperva Chris Hauser is a Senior Security Engineer with Imperva. He has twenty years of experience creating, delivering, and advising customers on how to manage and secure their information. He has worked for SAIC, EMC, … Continued
Speaker: Bob Nicholson, Business Development, Federal Civilian & Cyber Security, Dell Federal Bob Nicholson is currently a Business Development Manager for the Dell Federal team with a concentration in Cyber Security. Prior to that Bob spent 15 years as a security … Continued
Speaker: Dawn M. Greenman, Acting Program Manager Cybersecurity, JHU/APL Dawn has over 20 years of IT, project and program management experience with the last 4 years focused on Cybersecurity. Dawn is currently tasked with compliance activities to meet new DFARS Cybersecurity … Continued
Meeting / Networking Event at Jailbreak Brewing Company, Speaker Steve Mosley, LogRhythm – They will get in. The Modern Cyber Threat Pandemic
November meeting – Nick Keller, Invincea – Advanced Endpoint Protection Download the Presentation
Brett Miller – Amazon World Wide Public Sector Professional Services – Simplifying Security Compliance with Cloud Reference Implementations Download the Presentation
Joint meeting with MD IMMA / Infragard – Richard H L Marshall, Esq, Secure Exchange Technology Innovations
Claude L. Williams, Phoenix TS – The Business of Business Continuity Download the Presentation
Rhonda Ferrell, Booz Allen Hamilton- CyberSecurity & Your Professional Life: A Value-Add Approach and Women in Security Download the Presentation
Michael Volk, Anne Arundel Community College – Enhancing Access to Cybersecurity Education, Training and Awareness Download the Presentation
Brian E. Dykstra, Atlantic Data Forensics, Inc. – Murder or Self Defense? Download the Presentation
Anthony Teelucksingh, Senior Counsel at U.S. Department of Justice – Insider Threats, US v. Makwana Download the Presentation
Cancelled
Robert K. Gardner, New World Technology Partners – Cyber Risk, Thru the Shareholder Lens Download the Presentation
Hello. As 2015 is now underway, we wanted to provide you with a list of potential networking and volunteering opportunities tentatively scheduled for this year. We are always looking for members to assist with various outreach and chapter activities that … Continued
Kathy Worgul, Carroll County Business & Employment Resource Center – How Can LinkedIn Assist in Career Advancement Download the Presentation
Hello. As 2015 starts, we are going to start a new practice. The chapter will post a monthly blog to let our members, sponsors and the local security community know what we are doing. We will open this blog with … Continued
December Meeting
Mathew J. Morris, Van Dyke Technology Group – Demystifying Cloud: (Iaas, Paas, Saas) Making Sense of it All
Glen Townson, So you want to be an Information Security Professional?
Bob West, CipherCloud – Cloud Security / Management
Physical Security
Wayne Beekman, Information Concepts – Getting Requirements Right The First Time
Mr. Jeffrey B. Israelitt, Inside IT Outsourcing From Service Providers Perspective
Mark Bennett, File Trek – Behavioral Analytics for Intellectual Property Protection
Taking the Next Step With Computer Forensics – Keith Jones, Lead Cybersecurity Engineer, General Dynamics Lab
Roundtable discussion
Robert Hensing, Microsoft – EMET, Windows XP End of Life
Brian Hubbard, G2, Inc. – NIST Cybersecurity Framework
Supply Chain Risk Management – Mike Myers, President of CyberCore Technologies
Defending Against Advanced Cyber Threats and APTs – Cristian Rodriguez, Consulting Sales Engineer, Websense, Inc.
Mr. Ketkar, Technical Manager, Cigital, Inc. – Mobile First AppSec – Pen-Testing Mobile Apps
Roundtable Discussion
Samantha Manke, Secure Mentem – 7 Habits of Highly Effective Security Awareness Programs
Robert Eggebrecht, BEW – Optimize Your Data Protection Investment for Bottom Line Results
Jim Libersky, Barrier 1D – Real Time Intelligent Threat Management
Robert Hensing and Michael Mattes, Microsoft – Using the Enhanced Mitigation Experience Toolkit
Michael Hixon, OWASP
Joe Magee, Viligant – Using SIEM as a Platform for Real-Time Threat Detection
Steve Surdu, VP of Prof. Services, MANDIANT – Current Security Threats
Dan Wiley, Checkpoint Software Techologies – Everything that is old is new again – DDoS Attacks in a highly connected world
Amber Schroader, Paraben Corp. – Mobile Devices the New Cybersecurity Threat
Ira Winkler, Internet Security Advisory Group – How to Recruit Spies on the Internet
Jim Hansen, Phishme – Spear Phishing
Bruce Zeitz, US-Cert
Michael Hamelin, Tufin
Round Table Discussion
Jack Halloran
Evan Lesser, ClearanceJobs – Compensation for Security-Cleared Professionals
Peter Coddington, PaRaBal – iPhone Security
Josh Smith, JHUAPL
Stopping the Enemy – Jason Brevnik, VP, Sourcefire
Round Table Discussion
International Conference – Baltimore Convention Center
IPv6 deployment – Sheila Frankel, NIST
Combating the Growing Insider Threat – Rob Barnes, Application Security, Inc.
Advanced Persistent Threats (APT) Assessments and Countermeasures – Inno Eroraha, NetSecurity Corporation,
Continuous Monitoring – Yong-Gon Chon, Sr. VP and Chief Technology Officer, SecureInfo
The Online Threat Landscape – Cristian Rodriguez, Websense
Skeletons in the Closet: Securing Inherited Applications – John Dickson, Denim Group
Vulnerabilities & Exploits – Billy Austin, CSO, SAINT Corporation
Talk Title: Decade of IT Security Assessments As vulnerabilities and threats continue to increase at a daunting pace, so does the demand for performing IT security assessments. This presentation covers the volume of various regulatory compliances associated with assessments and … Continued
Next Generation Network Security: A New Era of Application Control – Brandon Conley, VP Enterprise Sales, SonicWALL, Inc
January meeting – How to Hack Large Companies and Make Millions – Chris Hadnagy, Operations Manager of Offensive Security
SHODAN: Resistance is Futile SHODAN (http://www.shodanhq.com) is dubbed at “The Computer Search Engine”. SHODAN has garnered attention from the U.S. Industrial Control System Computer Emergency Response Team (ICS-CERT) because anyone can discover “sensitive” ICS systems. In this talk I will … Continued
Security Challenges Faced by Small to Medium Sized Companies Small to Midsize Businesses have invested time and money to bring their business to life. They buy insurance to protect their business, put locks on the doors and install fire alarms … Continued
Exploring Font Based Steganography With A Focus On Tool Development The world of steganography has become stale as the same exfiltration techniques become easier and easier to detect. Once any major steganalysis tool can find the hidden payload, its game … Continued
The Privileged Challenge Up until the last few years, IT security managers have spent billions of dollars in securing the parameters of their organizations to keep out those who would bring harm to their internal networks. However in recent years, … Continued
War of the Worlds – Business vs. Security in the Social Web When it comes to the Social Web (Social Media, Social Networking, etc…), Business and Security can be on two totally different worlds. Business wants to open the social … Continued
Why Your Intrusion Prevention System is Susceptible to TCP Evasion This talk will discuss why any Intrusion Prevention System (IPS) is susceptible to evasion by any traffic carried over the TCP protocol, the majority of traffic into and out of … Continued
This presentation will discuss Advanced Persistent Threats trends we have observed from 2002-2010, and how we proactively identify them. Samples of captured malicious code will be presented, and several case studies will be referenced. Stephen Windsor, Booz Allen Hamilton Stephen … Continued
Overcoming the Limitations in Network Security Monitoring Ron Gula, CEO of Tenable Network Security, will discuss the current state of the information security industry and focus on how we tend to take our security tools at face value. Mr. Gula … Continued
Federal government key strategic information security initiatives update The federal government continues its risk management transformation by deploying key security standards and guidelines supporting a unified information security framework. This presentation will provide an update on key strategic information security … Continued
