Chapter Blog

Topic: Data Security: The Missing Context  Join us for this executive session designed specifically for CISOs and cybersecurity leaders seeking a more effective, modern approach to data security. You’ll learn why traditional DLP solutions have consistently underdelivered—failing to protect critical … Continued

Topic: .Stakeholder Management in Cybersecurity Brian Vaughan will host a discussion on the pitfalls and pratfalls that can arise when clients or employer management fail to recognize the importance of proper cyber security processes and procedures.  Given the present environment in … Continued

Topic: Redefining the Perimeter: Zero Trust & Device-Bound Access Security  The phrase “identity is the new perimeter” is often used to advocate for centralized Identity and Access Management (IAM) and the rigorous application of least-privilege principles. These concepts align with … Continued

Speaker: Dr. Gregory Carpenter, Principal Partner of CW PENSEC Dr. Gregory Carpenter is the Principal Partner of CW PENSEC, holds the title of Fellow of the Royal Society for the Arts in London, and was named the National Security Agency’s Operations … Continued

Topic: Cybersecurity Essentials for SMB Growth in 2024 In today’s rapidly evolving business landscape, organizations face increasing pressure to maintain robust cybersecurity practices while adopting cloud services, SaaS platforms, and AI tools. This presentation examines critical security practices that businesses … Continued

Topic: Zero Trust Methodology with a Heavy Push into SASE In today’s rapidly evolving business landscape, organizations face increasing pressure to maintain robust cybersecurity practices while adopting cloud services, SaaS platforms, and AI tools. This presentation examines critical security practices that … Continued

Topic: Exploring Linux and Android Software in the Automotive World Even if the most ambitious plans for Software Defined Vehicles are not realized, vehicles are becoming more software defined every year. The ability to dynamically change functionality and target hardware … Continued

Topic: Securing Democratic Elections to Protect E-Voting System via Cryptography in the United States Electronic voting was proposed as an alternative and more reliable solution to the traditional voting system in the United States. Early efforts to integrate the old … Continued

Topic: Midwest To The Middle East: Targeted Security Program Tips for an Evolving Cyber Battlefield Nick Oles is a cybersecurity professional, published author, and veteran of the cyber and special operations communities. He’s collected tips and tricks to help your … Continued

Topic:Securing Your Home Network Home users often think that their home networks are too small to be at risk of a cyberattack or believe that their home devices are secure enough right out of the box. But cybersecurity threats are … Continued

Topic: DoD Information Analysis Centers The DoD Information Analysis Centers are comprised of the Defense Systems (DSIAC), Homeland Defense & Security (HDIAC), and the Cybersecurity and Information Systems Information Analysis Centers (CSIAC). This session will discuss services available to federal … Continued

Topic: Navigating the New Frontier: Penetration Testing in the AI/ML Era As we enter a new era of technological innovation, startups are increasingly harnessing artificial intelligence (AI), machine learning (ML), and Large/Small Language Models (LLMs/SLMs) to accelerate their application development … Continued

Topic: Federal Government Proposed Cybersecurity Regulations and False Claims Risks Are you aware of the cybersecurity regulations proposed by the Federal Government? As more businesses shift towards digital operations, it’s crucial to stay informed about the evolving cybersecurity landscape. In … Continued

Topic: Advanced Degrees in Cyber Have you ever thought about advanced degrees in cyber but thought, there’s no way you have time, or that it will be way too difficult with a demanding full time job? Yeah, me too.  Hear … Continued

Topic: Cybersecurity, Compliance and Network Infrastructure Operations –  Redefined In his speech, Nik Pruthi will highlight how every organization – whether small, medium, or large – can redefine their operations to support their ability to scale to greater heights. The talk … Continued

Topic: PRIVACY AND THE RULE OF LAWIN THE DIGITAL AGE Have you ever had the microphone on your cell phone turn on, by itself, when you’re having conversations, or, review your tax transcripts and see that someone has electronically sent … Continued

Topic: Attending Cybersecurity Events The Maryland Department of Commerce is involved in shaping the cybersecurity industry within the state. As a leader in the cyber community at the Maryland Department of Commerce, I promote, attract, and support Maryland technology companies … Continued

Topic: Importance of Public Private Partnerships in Cybersecurity Private public partnerships for cybersecurity issues have become more important than ever over the last few years. As cyber threat actors increase their efforts against private and public industry alike, correlating all … Continued

Topic: When disaster strikes… what you can do to prepare until help arrives.  A police officer is many things in one. At times a police officer must be a peacekeeper, a counselor, an enforcer, and a life saver. All these … Continued

Topic: What’s it like to work in a Crime Lab?  We have all seen Crime Lab technicians on television shows such as NCIS and CSI analyzing evidence to try solve crimes.  How accurate is television’s portrayal? Hear from experts who … Continued

Topic: Can We Teach an AI to Speak Fluent Cybersecurity How do you know if your AI really understands cybersecurity? Too many compliance tools claim that they use AI for text processing but fail to deliver on their promises. Can … Continued

Topic: Wide World of Cyber The need to validate that cybersecurity policies and procedures remain sufficient (or if not are updated/revised/expanded as needed) to appropriately protect the organization relative to new and emerging risks that emanate from new technologies, operational … Continued

Topic: Cybersecurity Maturity Model Certification (CMMC)  DoD’s Cybersecurity Maturity Model Certification (CMMC) Program was designed to provide increased assurance to the DoD that a DIB contractor can adequately protect sensitive unclassified information (i.e., FCI and CUI) at a level commensurate … Continued

Topic: Who ya gonna call? If there was something strange in your neighborhood, who ya gonna call? The answer is obviously, the Ghostbusters! Now if you looked outside your window, and noticed that your neighbor’s house had caught on fire, … Continued

Topic: Security Architecture in the Age of Covid Security Architecture was hard enough, but then Covid sent all of your employees home.  A Remote Access infrastructure meant for a fraction of your employees now had to support everyone.  Three years later … Continued

Topic: Risk-Based Security With so many cybersecurity technologies and services available, how do organizations get started with evaluating the managed detection and response (MDR) option that is right for them? Lyndon Brown, Pondurance Chief Strategy Officer weighs in on how … Continued

Topic: Ransomware: A Risk Management Strategy Organizations’ globally are dealing with a scourge in ransomware.  Just note the following statistics: Experts estimate that a ransomware attack will occur every 11 seconds in 2021. (Cybercrime Magazine, 2019)  and The average ransom … Continued

Topic: Supply Chain Security: Supplier/Contractor Relationships In Negotiated Contracts Over the past 5 years, the world has seen unprecedented interest-in and allocation-of resources toward Cyber Security in both the public and private sectors.  The Supply-Chain has been stressed to its very limits … Continued

Topic: CSI:Cyber – What did they get wrong and right? In 2015, CBS launched the 4th spin-off of the original CSI TV show called CSI:Cyber. The show focused on an FBI unit that worked to solve various cyber-crimes such as … Continued

Topic: Active Shooter/Assailant Preparedness for Business and Schools The world seems to have gotten more intense and scarier since the pandemic started in early 2020. Although we have seemed to have come back to some sense of normalcy in 2022, … Continued

The August ISSA membership meeting is sponsored by Beyond Identity Topic: Supply Chain Security: Preventing Second Hand or Counterfeit Computing Device Components Increasingly, large enterprise customers are requiring Original Design Manufacturers (ODMs) and/or Original Equipment Manufacturers (OEM) to show demonstrable … Continued

Topic: Chernovite’s Pipedream Gain an in-depth look at old case studies and new research across 2021 highlighting new ICS threat groups,  vulnerabilities, and insights from the field including incident response case studies of previously unreported incidents. This session will give … Continued

Topic: Achieving Vital Network Visibility and Proactive Threat Hunting with Network Detection and Response Enterprise networks are experiencing a deluge of highly sophisticated threats from motivated attackers. Cloud computing, remote working, and traffic encryption expand the attack surface while making … Continued

Topic: Achieving Vital Network Visibility and Proactive Threat Hunting with Network Detection and Response Enterprise networks are experiencing a deluge of highly sophisticated threats from motivated attackers. Cloud computing, remote working, and traffic encryption expand the attack surface while making threats … Continued

Topic: PowerShell Remoting One of the powers of PowerShell is its ability to send commands to multiple machines at once.  In this brief overview, I will cover all the various ways to use PowerShell remoting to accomplish your tasks.  We will be connecting … Continued

January Membership Meeting is Proudly Sponsored by ASPG Topic: Human Security Engineering: Stop Relying on the Failed Human Firewall While the main perception is that the “user problem” is due to a malicious party trying to trick well intentioned users, … Continued

Topic: Emerging Technologies, Existing Policies and Architectures This presentation we will discuss current architectures and policies and how it’s hard to match the speed of change. That the coalition of the willing can create change through sharing and leveraging the … Continued

January Membership Meeting is Proudly Sponsored by: Chapter Business Meeting Slides: 2022-01-26 Meeting Slides Speaker Slides: Internet Crimes Against Children – Joe Dugan – 2022-01-26 Topic: Origin and Mission of the ICAC Task Force The presentation will explain the origin … Continued

Topic: Reducing Advanced Threat Dwell-Time with Behavior Analytics Discussion on Security gap covered using Behavior analytics, both in the enterprise and cloud. We will discuss the traditional methods, quick overview of Behavior detection, value prop and operationalizing in a small team. … Continued

Chapter Business Meeting Slides: 2021-11-18 Meeting Slides Speaker Slides: TBD Topic: Protecting and Securing Data Billions of people around the world rely on operations conducted across the space enterprise. Space systems support critical functions including navigation, communications, agriculture, financial exchange, and … Continued

Chapter Business Meeting Slides: 2021-10-27 Meeting Slides Topic: Intellectual Property Espionage Cliff will talk about an intellectual property espionage case study and discuss how focused curiosity can help you develop solutions. Speaker: Cliff Stoll, Founder of Acme Klein Bottles Dr. … Continued

Topic: Getting to Know your Pi-Hole: Implementing advanced DNS security at home and small office The powerful DNS Sinkhole technology has been used by corporations to help defend networks for years. Recently, this technology has been made available for home … Continued

Topic: Getting to Know your Pi-Hole: Implementing advanced DNS security at home and small office The powerful DNS Sinkhole technology has been used by corporations to help defend networks for years. Recently, this technology has been made available for home … Continued

June 23 @ 5:00 PM – 7:30 PM Chapter Business Meeting Slides: 2021-06-23 Meeting Slides Meeting and Speaker Recording: Click Here Topic: Cyber Crime Speaker: Amber Schroader, CEO & Founder, Paraben Corporation Over the past three decades, Ms. Schroader has been a driving force for innovation in … Continued

Topic: Minorities in Cyber – A STEM Perspective on the Challenges and Successes Faced by Professionals in the Field Ms. Dickens will discuss the various Cybersecurity and Technology programs she’s lead throughout her 20-year STEM career.  Among her success, she has also faced challenges as a Cybersecurity leader … Continued

Chapter Business Meeting Slides: 2021-04-28 Meeting Presentation Speaker Slides: 2021-04-28 3Step_Approach_SASupply Chain Topic: Cybersecurity Awareness:  A 3-Step approach to Cybersecurity Preparedness and Operational Resiliency The challenges created by accelerating technological innovation have reached new levels of complexity and scale.  Governments, … Continued

Topic: Medical Device Security:  A Thing Smart People Do As the global medical device market has expanded, so too has there been an increasing demand for the cyber professionals necessary to secure these systems and ensure their safe clinical operation. The … Continued

Topic: Lockpicking 101 The session will begin with a 15 presentation on primer on the pin picking (SPP) of pin and tumbler locks following by a 30-minute demonstration/interactive session. Participants are welcomed to purchase equipment to work along with the … Continued

Topic: Simulating Adversary Tradecraft with Atomic Red Team and the Red Canary Threat Detection Report We plan to discuss two important resources that leading teams are using to improve their security: 2020 Threat Detection Report: Red Canary’s annual in-depth analysis … Continued

Topic: Reducing The Risk of Unapproved and Rogue Devices Sepio delivers a Hardware Access Control (HAC) platform that reduces the risk of unapproved and rogue devices by providing complete visibility, control, and mitigation of all hardware assets. Sepio’s hardware fingerprinting, … Continued

Chapter Business Meeting Slides: 2020-12-16 Membership Meeting Speaker Slides: Least Privilege with PowerShell JEA Topic: PowerShell JEA PowerShell JEA allows us Systems Administrators to empower our fellow admins, developers, and security personal to accomplish what they need to on our … Continued

Topic: Roles of Artificial Intelligence and Deep Learning in Detecting Data Exfiltration Essential Internet services are vital for many aspects of modern living, yet those services remain valuable to threat actors who use them for network intrusions and data exfiltration. Dr. … Continued

Topic: Lessons Learned from 30 Years of Security Awareness Efforts Organisations acknowledge that employees are often the weakest link, yet efforts to improve ‘user awareness’ tend to rely upon available tools and not true experience. Drawing on three decades of … Continued

Chapter Business Meeting Slides: 2020-08-26 Membership Meeting Speaker Slides: Dell Security Operations 2.0 Transformation Topic: Security Operations 2.0 With Dell Technologies being looked at as a key innovator is response to the rapidly changing workforce, Bob will layout  a vision of what the next-gen … Continued

July 22 @ 5:00 pm – 7:30 pm Chapter Business Meeting Slides: Membership Meeting 7/22/2020 Speaker Slides: MSSP Market Overview Topic: Managed Security Services An overview of the Managed Security Services market including: Definition of MSS Categorization of MSS market segments and the pros and … Continued

Chapter Business Meeting Slides: Meeting Slides 6/24/2020 Speaker Slides: TBD Topic: Cybersecurity Maturity Model Certification (CMMC) – A New, Required DoD Cybersecurity Standard On January 31, 2020, the DoD published a new cybersecurity standard which will be required beginning in … Continued

Topic: DevSecOps: Integrating and Maturing a Security Culture Cybersecurity professionals have a robust suite of tools and methodologies for assessing risk to operating systems, firewalls, and other components but have limited resources to review webapps. As demonstrated by the Equifax … Continued

Chapter Business Meeting Slides: 2020-01-22-Meeting-Presentation.pdf Speaker Slides: The Next Gen of Vulnerability Management Topic: The Next Gen of Vulnerability Management Traditionally, Vulnerability Management has become entrenched in the CVSS scoring system which itself, has undergone some revision to more appropriately address … Continued

Chapter Business Meeting Slides: 2019-10-16-Meeting-Presentation.pdf Speaker Presentation: ISSA Central MD is hosting an event at the National Electronic Museum to celebrate National Cybersecurity Month. Topic: Taking a holistic approach to an insider threat program This presentation will provide insider threat mitigation … Continued

Chapter Business Meeting Slides: 2019-10-08-Meeting-Presentation.pdf Topic: A Security Walkthrough of IAM in Light of Data Breaches in the Cloud Identity has become the new perimeter in the world of api-driven infrastructures (cloud computing).  Understanding the challenges and complexity of least … Continued

Chapter Business Meeting Slides: 2019-09-25-Meeting-Presentation.pdf Speaker Presentation: .govCAR: Threat Based Cyber Capability Review The Cybersecurity and Infrastructure Security Agency (CISA) developed the .govCAR methodology to take a threat-based approach to cybersecurity risk management. .govCAR represents an evolution in managing cybersecurity … Continued

Chapter Business Meeting Slides: 2019-08-28-Meeting-Presentation.pdf Speaker Presentation: Failing-at-Cybersecurity.pdf Topic: Fail Secure: 20 Ways to Undermine Your Security Program There’s policy, and then there’s reality. All too often, security teams find their efforts overridden or bypassed. Here’s some unconventional wisdom and tips … Continued