Meetings

Meetings


Meetings are scheduled for the 2nd Tuesday of every month.  
***********
When
***********
Starting at 5:30 PM PT
***********
NEW Where
***********
Building 1, training room #6
Palo Alto Networks
3000 Tannery Way
Santa Clara, CA 95054

Nearest cross street is Bowers Ave & Scott Blvd

Note: you will need to sign in and agree to their NDA at the physical security desk.



August 2018 Meeting Announcement 

In This Newsletter:

  • Chapter meeting details and agenda for 14 August :
    • Last Line of Defense or Marketing Hype? How to Effectively Deploy AI to Find and Remediate Attacks on the Inside, by Marc Ibanez and Larry Lunetta of HPE:Aruba Networks
    • Board meeting agenda:
      • Membership and treasury status review
      • Proposed bylaw amendments
        • Modifications to chapter board job roles from Chapter Leadership Task Force (CLTF)
        • New finance controls added to bylaws
    • Monthly chapter & cyber news:
  • Local InfoSec & hacker social gatherings of note
  • Other upcoming events - Secure World and SMB-G conferences

August Chapter Meeting Details:


WHEN: Tuesday, August 14th, 2018 @ 5:30PM
WHERE: Palo Alto Networks - Building 1: 3000 Tannery Way, Santa Clara, 95054
SCHEDULE:
  • 5:30-6:00PM - Nosh and Networking
  • 6:00-7:00PM - Last Line of Defense or Marketing Hype? How to Effectively Deploy AI to Find and Remediate Attacks on the Inside, by Marc Ibanez and Larry Lunetta of HPE:Aruba Networks
  • 7:00-8:00PM - Quarterly chapter board meeting - members welcome

Speech Title

Last Line of Defense or Marketing Hype? How to Effectively Deploy AI to Find and Remediate Attacks on the Inside

Bio

Marc Ibanez – Technical Marketing Engineer at Aruba covering Security
 
Marc Ibanez has over 20 years of experience in both the wireless and wired communications space.  He has worked at companies both large and small, with roles spanning product development, product management, and technical sales.  Wireless experience includes both WiFi and 2G/3G/4G, and wired spans L1-3 stack from optical to switching & routing.  Previous stints largely focused on the service provider market and include Lucent Bell Labs, Cisco, Foundry/Brocade, BelAir/Ericsson, and Luminate. He is currently at HPE Aruba working on machine learning-based security analytics.
 
Larry Lunetta - Vice President, Security Solutions Marketing
 
Larry Lunetta is Vice President, Security Solutions Marketing and is a technology veteran with a track record of executive management in both public and private companies. He is responsible for the overall marketing strategy and go to market execution for the Aruba security portfolio including ClearPass and the recently acquired Niara UEBA solution. This includes positioning, messaging, asset development, field enablement and global marketing campaign support. Prior to joining Aruba Larry was VP Marketing and Business Development for Niara. Before that, he held a range of C-level positions in venture-backed companies including VP Marketing for ArcSight, where he launched the company, brand and product while helping grow the company from pre-revenue to IPO.
Larry holds a BS in Electrical Engineering from Rutgers College and advanced degrees in engineering and business from Arizona State University where he currently is a guest lecturer in venture studies for the WP Carey School of Business.

Abstract:

AI is now a term that almost every security vendor must have in their marketing pitch. Let’s separate the hype from reality and focus on where AI can be effective and what types of AI technologies are required. Mobile, IoT, and cloud are key elements of the digital engagement required by customers, employees and partners. Unfortunately, what makes users happy also makes organizations more vulnerable. When attacks victimize users who will click on any email attachment and coopt their credentials, the only way to find and deal with them is to see small changes in behavior that indicate a compromised or rogue user or device. This is where an AI technique called unsupervised machine learning helps. But, most products, if they have AI at all, only utilize unsupervised ML. That’s not enough. Supervised machine learning is also required and it is rare because it is much more difficult to develop. But, it plays a key role in moving from another “white noise” maker to a system that finds attacks before they do damage. This session will cover:
  • How to separate AI hype from reality
  • Where AI-based solutions are most helpful
  • How supervised and unsupervised machine learning work in tandem
  • Why algorithms alone are not enough for successful AI outcomes

 
MEETING FEES:
  • Meetings free to (ISC)² certificate holders in good standing. 2 x CPE's will be recorded and submitted to (ISC)² on your behalf.
  • Non-member entrance fee : $10.00
 
Local InfoSec & hacker social gatherings of note:
Upcoming events:
 

Upcoming events:
 

Join us for the 13th Annual SecureWorld Bay Area
Cybersecurity Conference:
WHEN: August 21, 2018  
WHERE: Santa Clara Convention Center

(exclusive (ISC)2 discount codes below)

Conference link address: https://events.secureworldexpo.com/details/bay-area-ca-2018/

Joint Association Presentation and Mixer
ISSA Silicon Valley, ISSA San Francisco Bay Area, and (ISC)2 Silicon Valley chapters will be joining forces at SecureWorld.

ISSA_Silicon ValleyISC2ISSA_BAY_xbt

8:30 - 9:15 a.m. •  Room 201 
Coffee and light breakfast served
Guest Speaker: Lan Jensen, CEO, Adaptable Security and Communications Director for (ISC)2
Please note, you must register for the conference to attend.

Discount Codes
     MIXSWP for $100 off SecureWorld PLUS Pass
     MIXCP for $50 off Conference Pass
     MIXOS for $45 off Open Sessions Pass (Free)

Bringing your security team? Discount rates are available for groups of five or more.
Contact us for pricing details.

SecureWorld PLUS Pass: ($525)
Conference Pass included
12 CPE credit hours & certificate of attendance
6 hours of in-depth training with one instructor
Access to all breakout sessions
Gourmet lunch

Conference Pass: ($145)
6 CPE credit hours & certificate of attendance
Access to all breakout sessions
Gourmet lunch

Open Sessions Pass: (Free)
Access to Exhibitor Hall, keynotes, and limited sessions
 



Join us for the Small - Medium Business & Government (SMB-G) Smart Cities and Communities Conference!

WHEN: October 3rd, 2018 
WHERE: Fairmont Hotel, San Jose, CA

(Exclusive (ISC)2 discount codes below)


EVENT LINK:   https://adaptablesecurity.org/smb-g-summit/

The Summit is an official event under NIST/DHS-led Smart Secure Cities and Communities: Cybersecurty 
and Privacy Advisory Committee.  You'll connect with visionary and pragmatic leaders from Washington 
DC to San Jose on strengthening cybersecurity and privacy for our small and medium businesses and 
governments (SMB-G). 

As a benefit to (ISC)2 Chapter members, use code "ISC2" to receive 25% discount. It's free to volunteers, government and nonprofit personnel.  Besides receiving CPEs, you'll have opportunities to:

  •  Network with leaders and experts - CIOs/CISOs from private sector and 10+ Bay Area cities
  •  Sign up for opportunities to grow career - help your government, schools and smaller businesses
  •  Mentor others in cybersecurity and privacy - practice leadership skills or pick up new domains 







July 2018 Meeting Announcement 

In This Newsletter:

  • Chapter meeting details and agenda for 10 July :
    • Container Security: Fake news or opportunity - Anshul Arora of Palo Alto Networks
    • Board meeting agenda:
      • Membership and treasury status review
      • Proposed bylaw amendments
        • Modifications to chapter board job roles from Chapter Leadership Task Force (CLTF)
        • New finance control
    • Monthly chapter & cyber news:
  • Local InfoSec & hacker social gatherings of note
  • Other upcoming events

July Chapter Meeting Details:


WHEN: Tuesday, July 10th, 2018 @ 5:30PM
WHERE: Palo Alto Networks - Building 1: 3000 Tannery Way, Santa Clara, 95054
SCHEDULE:
  • 5:30-6:00PM - Nosh and Networking
  • 6:00-6:05PM - Chapter news and updates
  • 6:05-7:00PM - Anshul Arora presents Container Security: Fake news or opportunity?
  • 7:00-8:00PM - Chapter board meeting - members welcome

Speech Title

Container Security: Fake news or opportunity

Bio

Anshul graduated with a Master degree in Computer Science and has previously worked at Large corporations like Cisco, & SAP doing Network and Infrastructure security. Currently working at Palo Alto Networks as Infrastructure Security Architect as part of the InfoSec team - with responsibility to secure the on-prem, and cloud platforms.

Abstract:  

Infrastructure evolution is now a mandate for mid-to-large size enterprises. It was almost thought of as virtual reality a couple of years ago, but not anymore - especially due to advent of cloud and DevOps models. Some corporations are born in the cloud but there are still a large number that struggle with such migrations.
This presentation will focus towards practical approaches to enhance the security posture of container based infrastructure deployments; be it bare metal with Docker, Kubenetes or any other tech based deployment. There are always critical security risks and opportunities that an enterprise must be cognizant about before laying out an actionable strategy. At the same time, it is vital to keep compliance and audit aspects in the forefront. The traditional approach to building physical data center is cumbersome in terms of time and resources along with high technology debt while the modern world focuses on economies of scale, standardization and automation.
In summary, we’ll learn how to seal the leaky holes of Governance, Risk, Compliance (GRC) challenges that could potentially sink the ship the containers road in on.


 
MEETING FEES:
  • Meetings free to (ISC)² certificate holders in good standing. 2 x CPE's will be recorded and submitted to (ISC)² on your behalf.
  • Non-member entrance fee : $10.00
 
Local InfoSec & hacker social gatherings of note:
Upcoming events:
 

Join us for the 13th Annual SecureWorld Bay Area
Cybersecurity Conference!
August 21, 2018 • Santa Clara Convention Center
Exclusive (ISC)2 discount codes below

Conference link address: https://events.secureworldexpo.com/details/bay-area-ca-2018/

Discount Codes
ISC2P  $100 off SecureWorld PLUS Pass
ISC2  $50 off Conference Pass
ISC2E  $45 off Open Sessions Pass (FREE)
 

Bringing your security team? Discount rates are available for groups of five or more.
Contact us for pricing details.

SecureWorld PLUS Pass: ($525)
Conference Pass included
12 CPE credit hours & certificate of attendance
6 hours of in-depth training with one instructor
Access to all breakout sessions
Gourmet lunch

Conference Pass: ($145)
6 CPE credit hours & certificate of attendance
Access to all breakout sessions
Gourmet lunch

Open Sessions Pass: (Free)
Access to Exhibitor Hall, keynotes, and limited sessions




June 2018 Meeting Announcement 

In This Newsletter:

  • Chapter meeting details and agenda for 12 June :
    • AI for Cyber Defense: The Shift to Self-Learning, Self-Defending Networks by Christopher Coppock of Dark Trace
    • Passing PCI DSS Assessment by Dick Hacking of ISSA Silicon Valley Chapter
    • Monthly chapter & cyber news:
      • Silicon Valley Cybersecurity Alliance Update
      • GDPR is now in effect
      • Check out the job board for new listings
  • Local InfoSec & hacker social gatherings of note
  • Other upcoming events

June Chapter Meeting Details:


WHEN: Tuesday, June 12th, 2018 @ 5:30PM
WHERE: Palo Alto Networks - Building 1: 3000 Tannery Way, Santa Clara, 95054
SCHEDULE:
  • 5:30-6:00PM - Nosh and Networking
  • 6:00-6:05PM - Chapter news and updates
  • 6:05-6:45PM - Darktrace Presents by Christopher Coppock
  • 6:45-7:45PM - ISSA Silicon Valley Presents by Dick Hacking
  • 7:45-8:00PM - Q&A, Meeting Close

Speech 1 Title

AI for Cyber Defense: The Shift to Self-Learning, Self-Defending Networks

Abstract:  

The fight is no longer at the perimeter. In the new era of cyber-threats, machines fight machines on the battleground of corporate networks. No human security team can keep pace. From high-speed global ransomware attacks to sophisticated threats that disguise themselves for months on a network before taking action, these attacks call for a change in the way we protect our most critical assets.
 
Self-learning, self-defending systems are now being deployed to secure complex enterprise networks across all environment types – ranging from physical, virtual, and cloud, through to the IoT and industrial control systems. Known as ‘immune system’ defense, this approach uncovers threats that have already penetrated the network border and then automatically fights back. Unlike legacy approaches that rely on rules or signatures, immune system security learns and responds autonomously, enables the security team to focus on high-value tasks, and can counter even fast-moving, automated attackers. 
 
In this session, learn about: 

  • Why legacy approaches, like rules and signatures, are proving inadequate in the face of the current threat landscape 
  • How AI and machine learning can automate threat detection and response and, in the process, buy back time for security teams 
  • Real-world examples of detected threats, from fast moving ransomware to hacked fish tanks


Speech 2 Title

Passing PCI DSS Assessment

Abstract:  

Understanding the PCI DSS assessment process is crucial to getting a “Compliant” rating. This presentation tells people facing their first assessment what to expect and the kinds of assets that their assessor will be looking for.

Speaker Bio:

Dick Hacking has over 40 years in the computer business, with one foot in development, and the other in support, for most of that time. His deep technical and implementation experience serve him well in being a Qualified Security Assessor for PCI DSS  (Payment Card Industry Data Security Standard) assessments. He is also a CISM. He’s worked for such enterprises as Zilog, Unisys, Cap Gemini Ernst & Young, and NetApp. A 1984 Computerworld headline asked “Hacking: Pure Genius, or Sheer Theft?” He claims to be guilty of one, and victim of the other.


MEETING FEES:
  • Meetings free to (ISC)² certificate holders in good standing. 2 x CPE's will be recorded and submitted to (ISC)² on your behalf.
  • Non-member entrance fee : $10.00
 
Local InfoSec & hacker social gatherings of note:
  • Cornerstones of Trust Conference 2018 June 19th:
    or www.cornerstonesoftrust.com Information Systems Security Association chapters exist all over the world. The Silicon Valley chapter has monthly meetings on the third Tuesday of each month from 12-1:30pm with lunch and a speaker. This month, however, (June 19th)  we are running our annual one-day conference in connection with SF-ISSA and SFBay Infragard at the Crowne Plaza, Foster City from 8am to 6 or 9 pm (depending on whether you stay for a SANS technical session in the evening to avoid traffic). The conference theme is “Security in the age of Disruption” with keynote speakers Peter Wicher and Rick Howard. Registration is being offered at the ISSA membership rate to ISC2 members. Please go to www.Cornerstonesoftrust.com to see the full speaker lineup and to register.
  • @Si1isec and www.si1isec.org
    • First Thursday, 7 PM at The Firehouse brewpub, Sunnyvale
  • Baysec - https://www.baysec.net/
    • Third Tuesday, Patriot House in SF
  • HoodSec - @hoodsec and www.hoodsec.org
    • Last Thursday of every month at Radio Bar, Oakland
  •  ISACA Silicon Valley Chapter, meetings usually held mid-month, with education and training events throughout the year: http://www.isaca.org/chapters8/silicon-valley/Pages/default.aspx 



May 2018 Meeting Announcement 

In This Newsletter:

  • Chapter meeting details and agenda for 8 May:
    • Powering Trusted Identities - Presented by HID Global
    • Presidents update:
      • (ISC)²  04/27/18 Chapter Discussion Forum Review 
      • (ISC)² Self-Paced Online CCSP training
      • GDPR is coming 5/25/2018:
        • Data subject privacy rights considerations for application developers
      • ISO31000:2018 overview
      • Check out the Breach Level Index
      • Several jobs posted on the job board this month
  • Local InfoSec & hacker social gatherings of note
  • Other upcoming events

May Chapter Meeting Details:

WHEN: Tuesday, May 8th, 2018 @ 5:30PM
WHERE: Palo Alto Networks - Building 1: 3000 Tannery Way, Santa Clara, 95054
SCHEDULE:
  • 5:30-6:00PM - Nosh and Networking
  • 6:00-6:45PM - Presidents update 
  • 6:45-7:45PM - HID Presents: Powering Trusted Identities
  • 7:45-8:00PM - Q&A, Meeting Close

Speakers Bio:
James Reno

Reno has an extensive background in security technology encompassing both physical and logical security technologies, business management, solution delivery, and pre and post-sales support. He spent most of his 20-year career working at HID Global and served in various management roles within HID Global’s IAM Business Unit.

As the VP of Sales, Reno is responsible for defining go-to market strategy, sales processes, strategic alliances, and customer programs for APAC and the Americas. Reno joined HID Global in 2007 to work with the Americas Managing Director, leading an OEM channel initiative to extend the ECO system of partner integrations. He subsequently served as the Director of Solution Sales, developing a customer centric approach to customer engagement with sales and solution architects.

Reno earned a Bachelor of Science in Business Administration from Utah State University, with an emphasis on Marketing and Communications.


Raena Dhuy

Raena Dhuy is a Senior Solutions Architect in HID Global’s Identity and Access Management Business Unit. In this position, Raena develops a technical relationship with customer and prospect security leads. She works closely with companies to understand various aspects of current solutions, security vulnerabilities, and gaps in the user experience to curate a holistic technical solution utilizing the IAM portfolio of HID.

Dhuy participates in numerous internal and external forums and professional groups that are charting the course for next generation enterprise multifactor solutions. Prior to joining HID Global, Dhuy held a number of positions at a global Defense contractor and consulting firm. Under her management, the team was responsible for protecting the firm’s resources to include vendor selections, implementing and managing various PKIs, multi-factor authentication, single sign-on, incident plans and remediation.

Dhuy has extensive experience educating users on best practices, user adoption, and the delivery of PKI solutions.


Speech Title

Powering Trusted Identities

Abstract:  

TRUSTED PEOPLE

It's important to verify that the person requesting access is who they say they are. From employees to contractors, partners to customers, HID Global uses advanced multifactor authenticators to verify credentials comprehensively and seamlessly before granting access.

TRUSTED TRANSACTIONS

The transactions are ever-increasing, as are the risks for fraud. Whether it’s financial information, healthcare data, or simply sending emails and e signing documents securely, HID Global’s authentication solutions can handle.

TRUSTED DEVICES

With the growth of IoT, protecting the smart devices on any network is critical to avoiding security breaches. HID Global’s trusted solutions authenticate devices and infrastructure to protect communications and data while they’re being transmitted digitally.

TRUSTED PLACES

Securing both digital and physical spaces pose their own unique challenges. HID Global is the world leader in physical identity and access solutions, providing a safe environment for employees, visitors and contractors. HID Global can also protect communications and transactions to the website or portal, and increase the customer’s confidence.

MEETING FEES:
  • Meetings free to (ISC)² certificate holders in good standing. 2 x CPE's will be recorded and submitted to (ISC)² on your behalf.
  • Non-member entrance fee : $10.00
 
Local InfoSec & hacker social gatherings of note:
CURRENT EVENTS:

ISACA Silicon Valley Spring Conference

Date: May 3 & 4 2018
Location: Biltmore Hotel and Suites Santa Clara Hotel

Theme: Cybersecurity, Governance & GDPR
Conference Website https://isacasv.wixsite.com/2018springconf




April 2018 Chapter Newsletter
and Meeting Announcement

In This Newsletter:

  • Chapter meeting details and agenda for 10 April:
    • Jonathan Hare - Quantum Privacy and Proof of Trust Blockchain - Eliminating the Conflict between Privacy, Policy Enforcement and Sharing
    • Lan Jenson - CyberSecure the US with the Ultimate Power of the Society
    • Presidents update:
      • (ISC)² Chapter Leadership Task Force update
      • Silicon Valley Cybersecurity Alliance 
      • Cybersecurity in the news this month (by member request)
      • Non-member entrance fee (new)
  • Local InfoSec & hacker social gatherings of note
  • Other upcoming events

April Chapter Meeting Details:


WHEN: Tuesday, April 10th, 2018 @ 5:30PM
WHERE: Palo Alto Networks - Building 1: 3000 Tannery Way, Santa Clara, 95054
SCHEDULE:
  • 5:30-6:00PM - Nosh and Networking
  • 6:00-6:30PM - Presidents update 
  • 6:30-7:15PM - Jonathan Hare - Quantum Privacy and Proof of Trust BlockChain – Eliminating the Conflict between Privacy, Policy Enforcement and Sharing
  • 7:15-7:45PM - Lan Jenson - CyberSecure the US with the Ultimate Power of the Society
  • 7:45-8:00PM - Q&A, Meeting Close
Speaker 1 Details:
Jonathan Hare, CEO of WebShield Inc. and co-founder of EP3 Foundation (Empowering People with Privacy and Personalization)

Speaker Bio:
Jonathan is a serial entrepreneur and technology executive and has broad expertise in Internet and enterprise software, security and privacy technology, electronic health records, healthcare, and education policy, etc. He has been a member of the Health IT Standards Panel's Security and Privacy Technical Committee, the Identity Credential Management Working Group, the Markle Foundation Consumer Authentication Working Group, and the Markle Foundation Personal Health Technology Council. He has testified before Congress on Health IT policies. He has broad expertise in privacy, cybersecurity, cloud technology, informatics, and legal and regulatory compliance.

He has been granted three patents for trusted social networking, identity syndication, privacy-preserving data sharing and analytics. He was Founder, CTO and Executive Chairman of Resilient Network Systems, where he pioneered novel approaches to trusted networking. He was also founder and CEO of Consilient, Inc. an internet software firm which pioneered XML-based collaborative application technology. Earlier, he was founding CEO of Evolve Software, an enterprise software vendor which pioneered a new application market, and went public in 2000. Jonathan has held executive, management and technical positions at Teseract, Microsoft, Cornerstone Research, Strategic Planning Associates, and Impell Corporation. Jonathan received his MBA from Stanford Graduate School of Business, where he was an Arjay Miller Scholar. He was a Regents and Chancellors Scholar at UC Berkeley, where he majored in Industrial Engineering and Operations Research.

Speech Title

Quantum Privacy and Proof of Trust BlockChain – Eliminating the Conflict between Privacy, Policy Enforcement and Sharing

Abstract:  

Quantum Privacy and the Proof of Trust BlockChain enable organizations and individuals to anonymize, secure, combine, analyze, reuse and monetize sensitive private data.  The functionalities are performed in real-time and at global scale.   Simultaneously, all necessary regulatory, licensing, privacy and security requirements are inherently adhered to.  

This empowers individuals to conveniently find, access and securely share information about themselves.  It also enables them to grant authorization, to directly control policies for privacy, security and personalization, hence effectively putting an end to identity theft and data breaches. Organizations gain the ability to pool their resources to support global big data analytics and precision personalization. 

Proof of Trust BlockChain overcomes the performance, governance and cybersecurity limitations of traditional “Proof of Work” Block Chain. It unifies both the consumer cloud and enterprise technology ecosystems and creates a vast global exchange market and marketplace for anything.

Speaker 2 Details:
Lan Jenson 
CEO, Adaptable Security (Ada for short)
Board of Directors, ISC2 Silicon Valley Chapter

Speaker Bio:
Lan Jenson is a certified award winning cybersecurity leader with 15+ years of experience in Fortune 500 companies. As CEO of Adaptable Security, Lan is responsible for the first nonprofit platform that provides unbiased security ratings and enables better security for organizations by matching their needs with expert volunteers. 

Prior to leading Ada, Lan led her team to track down hackers and enabled the Secret Service to make arrests.  Lan's responsibilities grew to include leading large-scale cybersecurity strategy, policy, compliance and awareness programs, as well as automating detection capabilities. 

Lan also serves as the IoT cybersecurity lead in NIST and DHS-led Smart and Secure Cities and Communities Challenge besides the Board of Directors, ISC2 Silicon Valley Chapter. Lan holds a Master of Science in Management of Information Systems from Boston University.

Title:
CyberSecure the US with the Ultimate Power of the Society

Abstract:
Learned helplessness about cybersecurity is in the air. Millions of people are affected by data breaches, which continue to climb since 2005 despte increased cybersecurity investments; Six out of 10 smaller businesses go bankrupt after being hacked; 90% of data breaches are rooted in people behavior. 

Einstein defines insanity as doing the same thing over and over again and expecting different results. We need a way to break out of the security insanity and learned helplessness. Adaptable Security (Ada for short) introduces a way to make cybersecurity relevant for people, hence different behavior and results.

Use cases:
Consumers: 76% want to switch to businesses with safe data practices, but have no idea which businesses are safer. Ada lets them know.
Business decision makers: Ada enables them to see Return On Security Investment (ROSI), hence invest cost-effectively rather than after a severe data breach. 
Non-member entrance fee starting April 10th:
We are a 501(c)(6) non-profit trade association, and our bylaws specifically admit only those who have an (ISC)² certificate in good standing. However, due to the high number of recent non-member drop-ins to our meetings the board has decided to charge a $10.00 fee for one-time non-member access to our meetings. The $10 fee must be paid by check or in cash at the time of entrance. Make checks payable to: (ISC)² Silicon Valley Chapter. We thank you for your cooperation. 
Local InfoSec & hacker social gatherings of note:
Current Events:
2018 Part I RSA Conference will begin on
Monday, April 16
and ends on
Friday, April 20

(ISC)² Registration Discount Code: 18UISC2FD ($200 off full conference pass)

https://www.rsaconference.com/



****************

March 2018 Chapter Newsletter and Meeting Announcement

****************


We look forward to seeing you at the meeting next Tuesday, March 13th at Palo Alto Networks in Santa Clara!
We are excited to announce that due to high attendance we are expanding into a second room starting at the next meeting. Thanks to chapter Secretary Peter Ngo for arranging this with PAN!


In the newsletter:

  •  Chapter meeting details for 13 March - Chris Webber of SafeBreach
  •  Local InfoSec & hacker social gatherings of note
  •  Other upcoming events
     

March 13th meeting:

Heroes vs Villains: Winning by Understanding the Adversary

From Marvel, to DC, to a galaxy far, far away -- we are currently inundated with stories of good triumphing over evil. Too bad the same can’t be said for the current state of cyber security. Our heroes are fighting valiantly, but the bad guys seem to have the upper hand. Join Chris Webber, Security Strategist from SafeBreach, for a session highlighting how we can all take a lesson from attackers, to rise above attacks, and start a new chapter in this cyber saga.
In this session we’ll show:
 

  • How enterprises likely already have what they need to win
  • Why you should spend zero days worrying about 0days
  • How to prove security is working (before attackers prove it’s not)

 
Highlighting the value of a new technology, called Breach and Attack Simulation, Webber will show how defenders can easily visualize the cyber kill chain, pinpoint where to stop attacks most easily, and prove their security effectiveness over time.  

Highlighting the value of a new technology, called Breach and Attack Simulation, Webber will show how defenders can easily visualize the cyber kill chain, pinpoint where to stop attacks most easily, and prove their security effectiveness over time.  

Webber will also cover recent trends in attacks, pulled from real production environments - and how these trends can be overcome with little effort, or investment.  It’s not too good to be true, and it’s not a fairy tale, it’s just time for the heroes to win.

Bio:
Chris Webber is a security wonk, a product guy, and a recovering IT professional. Having spent time at both Silicon Valley startups and global powerhouses before joining SafeBreach, Webber developed his particular slant on enterprise security at companies like Zscaler, Blue Coat Systems, Centrify, and Good Technology. Tweet him @WebberGS


Chapter meeting location:

We have locked in the venue at Palo Alto Networks as our confirmed meeting site for the first half of 2018 (with an option for the whole year). Thank you to Peter Ngo and PAN for arranging these facilities on behalf of the chapter!
Newcomers should note that parking and access to facilities is simple and easy, and everyone is expected to sign an NDA at the door.
When:
        13 February, 2018
        (The second Tuesday of the month)
        Starting at 5:30 PM PT
Itinerary:

  •         5:30 PM PT - Nosh and networking
  •         6:00 PM PT - Chapter business and announcements with presentation(s) following
  •         Chapter board sync up afterwards
 Where:
        Palo Alto Networks
        Building 1, training room #6
        Address:
            3000 Tannery Way
            Santa Clara, CA 95054            
  •         Note you will need to sign in and agree to their NDA at the physica security desk (in building 1).
  •         Parking: ISC2 members can park in the visitor parking, or parking structure P1 South.

 Location and meeting details can also be found on our (new) website:
https://sites.google.com/a/isc2-siliconvalley-chapter.org/isc2-silicon-valley-chapter/meetings 


Local InfoSec & hacker social gatherings of note:


Other upcoming events of note:

As you are aware, ISACA Silicon valley chapter is a part of ISACA Global, a non profit organization with a mission to serve our membership by providing world-class training, networking opportunities, and guidance in the areas of IT audit, control and security.

ISACA Silicon Valley has an upcoming one day training program "Building and Maintaining a Robust GDPR Program" on Friday March 23, 2018.

Here is the link to the program : https://goo.gl/RfF7ft

Early bird pricing is available until 10th March. Additionally our members get a special discount of $25 on non-member pricing by using coupon code 'ISACAPARTNER'.

Please feel free to reach out to Sakthi (contact information below) if you have any questions. 
-- 
Sakthiswaran Rangaraju, CIA, CISA, CISSP
ISACA - Silicon Valley
Marketing & Communications Director
https://www.linkedin.com/in/isacasv

https://twitter.com/isacasv
--

The ISC2 East Bay Chapter is Hosting an Event this Friday:


MARCH 9, 2018 – CYBERSECURITY IN THE GOVERNMENT SECTOR CONFERENCE
Details available at: https://isc2-eastbay-chapter.org
--

RSA Conference 2018 takes place April 16 to 20 in San Francisco:

https://www.rsaconference.com/events/us18

--

*************************

13 February 2018 Chapter Newsletter and Meeting Announcement

*************************

Greetings fellow information security professionals,

This month we are excited to announce a successful migration from our legacy hosting provider to the Google g-suite: now used for all chapter hosting, web, email, storage, & calendaring, the one exception to this suite is that mailchimp will be used for our mailing lists due to limitations in the G-suite mass mail capabilities. This move greatly simplifies chapter operations and workflows for the extended board, and sets us in the direction of the CMMI level 3 goals I discussed at the last meeting. Next steps are to focus on surveying members so that we can take a data-driven approach to delivering content you want to see at future meetings and events - more to come on this in the near future. 

For this months talk I am delighted to welcome colleague Aftab Mahmood to present on the evolution of threat modeling in agile SDL environments. While many of you may be familiar with threat modeling methodologies, there is no single industry accepted practice today. This talk seeks to explore a more complete and holistic methodology for use in rapidly moving agile environments that are becoming commonplace. I expect this talk will be both fun and controversial as we explore the evolving world of threat modeling together.

To add some additional context I will kick off the talk in the ‘President's Corner’ by first giving an overview of threat modeling and risk assessments based on NIST 800-30 three tier organizational risk assessment - with a goal of to helping to tie the technology process into the business ecosystem (the board level view).

We look forward to seeing you at the meeting next Tuesday, Feb 13th at Palo Alto Networks in Santa Clara!
 


In the newsletter:

  •  Chapter meeting details for 13 February - Aftab Mahmood
  •  Local InfoSec & hacker social gatherings of note
  •  Other upcoming events
     

February 13th meeting:

The Evolution of Threat Modeling in the Agile Secure Development Lifecycle - Aftab Mahmood, Veritas Technologies, LLC.
 

Abstract:

Threat modeling is traditionally referred as a structured process to assess security risks associated with a system. The risk is assessed by analyzing the impact of a threat and likelihood of its occurrence.

Microsoft recommends applying this approach during design phase of software product development so that security vulnerabilities can be identified and appropriate mitigations can be established.

Through our Product Security Group (PSG) experience we learned that this approach may not work well during software product development. It is due to the fact that a software product generally evolves through many iterations of development cycles. Undefined software requirements and unstable software architecture make it extremely difficult to follow a traditional approach to drive a threat model.

In this presentation we will discuss threat modeling process, its activities, their order, and a structure to document it, in the context of software product development lifecycle (SDL/SDLC).
 

Bio:

Aftab Mahmood is a security architect with Product Security Group at Veritas Technologies, LLC. He has over 20 years of experience in software product development. He enjoys developing security sensitive software components. His areas of interest include key management, certificate-based identity management and multiparty encryption. His is passionate about secure software development and evangelizing others for the adoption of secure development practices. He is GIAC certified Secure Java Programmer(GSSP-JAVA) and IEEE Certified Software Development Professional (CSDP). He acquired his education in software security from Stanford University and degree in Computer Science from Asian Institute of Technology.

Before joining Veritas, Aftab was as a principal engineer at Citrix where he developed Zenprise mobile device management server; prior to that he was as a staff engineer at Serena software where he developed multi tenant business workflow engine; and at Zeiss Meditech, he developed data integration server for distributed ophthalmology instruments.
 


Local InfoSec & hacker social gatherings of note:


Other upcoming events of note:

Cyber Security Summit: Silicon Valley - Tuesday Feb 13th, 2018:

https://cybersummitusa.com/siliconvalley18/

 RSA Conference 2018 takes place April 16 to 20 in San Francisco:

https://www.rsaconference.com/events/us18

Thank you,

-Forrest

Forrest R. Foster
President, (ISC)2 Silicon Valley Chapter

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

*************************
9 January 2018 Chapter Meeting
*************************
Happy New Year and Welcome to 2018!

This month is focused on transitions to help carry the chapter forward into 2018 - with new meeting facilities and a new board of directors now firmly established, and we are delighted to feature this months speaker Rene Kolga, with a talk on “Positive vs. Negative Security Model - Taking a Fresh Look at Endpoint Protection”.

We look forward to seeing you at the meeting next Tuesday, Jan 9th at Palo Alto Networks in Santa Clara.

In the newsletter:
- New chapter meeting site - locked in at Palo Alto Networks (PAN) in Santa Clara
- Chapter meeting details for 09 January - Rene Kolga
- Chapter election results - new board
- Website / Logo / Hosting changes - coming Jan/Feb 2018
- Member surveys coming
- Local InfoSec & hacker social gatherings of note
- Other upcoming events

***********
New chapter meeting location
***********
We have locked in the venue at Palo Alto Networks as our confirmed meeting site for the first half of 2018 (with an option for the whole year). Thank you to Peter Ngo and PAN for arranging these facilities on behalf of the chapter!

Newcomers should note that parking and access to facilities is simple and easy, and everyone is expected to sign an NDA at the door to release the host of liability.

***********
January 09 meeting
***********

Positive vs. Negative Security Model - Taking a Fresh Look at Endpoint Protection - Rene Kolga

In 2005 The Six Dumbest Ideas in Computer Security article Marcus Ranum stated that “sometime around 1992 the amount of Badness in the Internet began to vastly outweigh the amount of Goodness”. So why more than two and a half decades later are we still chasing the “badness” and applying the Negative Security model in the vast majority of the security products? Even a 7-year old malware easily passes through traditional antivirus products after a basic obfuscation using a crypter or a packer or multitude of other off-the-shelf tools available. So called Next Generation antivirus (NGAV) products have promised the “silver bullet” against malware in a form of machine learning (ML)/artificial intelligence (AI). However, overall effectiveness of protection increased only marginally. 
To detect unknown malware, organizations need a new approach that doesn’t rely on malware signatures and learning from what past malware looks like and how it behaves. This Negative Security Model approach that detects “the bad” falls short because it can’t keep up with a practically infinite number of new malware samples. A Positive Security Model that focuses on understanding a finite set of legitimate system behavior offers more foolproof protection. When behavior isn’t following a normal path, the Positive Security Model assumes it’s “bad” and prevents it from executing, no matter what attack vector or method is being used.
This talk provides an overview of Positive and Negative Security models, their pro's and con's as well as suggests a new approach to the Positive Security application for endpoint protection.

Rene Kolga heads Product Management for North America at Nyotron. Prior to working at Nyotron, Rene was Head of Product at ThinAir. Rene also spent eight years at Symantec, where he led multiple enterprise security product lines in the areas of encryption and endpoint security as well as endpoint management, backup and business intelligence. Additionally, Rene led dozens of product teams at SolarCity, Citrix and Altiris. He has also built European Support and QA teams for a number of US-based companies. 
Rene earned his Computer Science degree from Tallinn University of Technology. He also received an MBA from University of Utah. Rene holds an up-to-date CISSP certification since 2011.  

When:
        09 January 2018
        (The second Tuesday of the month)
        Starting at 5:30 PM PT

Itinerary:
        5:30 PM PT - Nosh and networking (Food theme: Mexican)
        6 PM PT - Chapter business and announcements with presentation(s) following
        Chapter board sync up afterwards

Where:
        Palo Alto Networks
        Building 1, training room #6

        Address:
                3000 Tannery Way
                Santa Clara, CA 95054
                Nearest cross street is Bowers Ave & Scott Blvd

        Note you will need to sign in and agree to their NDA at the physical
        security desk (in building 1).

        Parking: ISC2 members can park in the visitor parking, or parking
        structure P1 South.

Location and meeting details can be found on our website:

Note that chapter meetings are held on the second Tuesday of the month,
announced at least a week prior via email and our web site.

***********
Chapter election results
***********
We thank Tim O’Brien, the previous board of directors, and all of the unofficial volunteers (you know who you are) for all of the hard work they’ve done to keep the chapter up and running to this point, we are grateful for your time and efforts!

The election results are in, and we welcome our new board to carry us through the 2018 calendar year:

President:
-Forrest Foster
Secretary:
-Peter Ngo
Treasury:
-Anna Pasupathy (incumbent)
Membership Chair:
-Ravi Ramaanujan
Communications:
-Lan Jenson

***********
Website, logo, and hosting changes
***********
Due to requirements by ISC2 National we are obligated to update our logos to the new official standard, and due to the need for new hosting provider for our email and web, we have decided to migrate the website, email, and hosting to Google G-Suite. This transition will provide the chapter with new data management capabilities that will help streamline and simplify chapter operations - these changes will be tied into workflow changes for the chapter officer roles, with a goal of making each role operate using turkey processes and automation where possible. Stay tuned for more information at the January 9th meeting on this topic.

***********
Member surveys coming
***********
The goal of this chapter is to serve the community of members, as such we will be conducting surveys in the first half of 2018 to help ensure the chapter is on par with it’s members needs and expectations. Please bring your thoughts and ideas for the type of chapter events you would like to see in the future to the upcoming meetings, then watch for the surveys and please take the time to fill them out so that your voice (as a voting member) can be included.

***********
Thanks to our chapter meeting sponsor
***********
Unfortunately, we do not have a sponsor for this month's chapter
meeting. If you know an organization or employer that would be
interested and willing to sponsor, have them reach out to the chapter
treasurer.

Please note that all members are welcome (and encouraged) to help identify sponsors and speakers for the chapter on an ongoing basis.

***********
Local InfoSec & hacker social gatherings of note
***********
@Si1isec and www.si1isec.org
First Thursday, 7 PM at The Firehouse brewpub, Sunnyvale

Third Tuesday, Patriot House in SF

HoodSec - @hoodsec and www.hoodsec.org
last Thursday of every month at Radio Bar, Oakland

ISACA Silicon Valley Chapter, meetings usually held mid-month, with education and training events throughout the year: http://www.isaca.org/chapters8/silicon-valley/Pages/default.aspx

***********
Other upcoming events of note
***********
RSA Conference 2018 takes place April 16 to 20 in San Francisco

I am delighted to work with all of you in this role, and look forward to the year ahead!

-Forrest

Forrest R. Foster
President, ISC2 Silicon Valley Chapter

(ISC)2 Silicon Valley Chapter online presence and social media:
Previous Meetings
*************************
12 December 2017 Chapter Meeting
*************************
Hello chapter members and fellow information security professionals,

Welcome to National Critical Infrastructure Protection Month, at least
by presidential proclamation. The end of the fiscal year for many, with
the end of the year and the holidays adds opportunities for family and
fun – and more stress for many of us.

This month's meeting will be the first meeting at our new meeting
location – the training center at Palo Alto Networks (PAN) in Santa
Clara. Additionally, our meeting on 12 December is the final opportunity
for 2018 chapter board member nominations, with the election of 2018
board members following. Details on chapter members nominated, as well
as our technical, educational topic for the meeting is detailed below.

In the newsletter:
- New Chapter meeting location & new attendance procedures
- Chapter elections
- Chapter meeting details for 12 December
- Local InfoSec & hacker social gatherings of note
- Other upcoming events
 
***********
Chapter elections
***********
The December 12 meeting completes our chapter's election process; with
final nominations taken during chapter meeting, and then our election
occurring. The chapter election will be conducted by the election
committee, headed by the election committee chairperson Tim O'Brien.
Those that are interested in running for or nominating a chapter member
for a board position should review our chapter bylaws, and talk (or
email) with a representative of the election committee.

Currently the election committee has registered the nominations for the
election of 2018 chapter board members listed as follows. Those
candidates that submitted a blurb detailing their underground and wishes
are also included.

President
-Forrest Foster
Forrest Foster is a veteran cyber security risk and assurance
professional with nearly 28 years' experience in the technology and
telecommunications market sectors.  Forrest develops strategies to align
organizational goals to people, process, and technology systems with a
bias for action, and long history of demonstrated results.
Forrest’s career spans nearly 3 decades working with global Fortune 500
enterprises; he brings specialization in the area of IT systems risk and
compliance management for large scale distributed heterogeneous networks
and datacenters operating in a global cloud partner ecosystem.
From an extracurricular perspective, Forrest is a guest lecturer and
speaker for educational organizations and industry events including the
McCombs School of Business at UT Austin, ISC2 Congress, ISC2 Chapter
Leadership forums at RSA, and the Austin IT Symposium.  Forrest
co-founded and led the ISC2 Austin Chapter as president from 2013 to
2015, and has contributed to the CISSP education and exam tracks and
CCSP exam and standards tracks as an item writer and developer for ISC2,
and developer / contributor for the GTAG on cyber security for the IIA.
Forrest currently leads the Governance, Risk, and Compliance function
within the Product Security Group at Veritas Technologies, LLC – a
privately held company, and is an active member of International
Information Systems Security Certification Consortium (ISC2), the
Information Systems Audit and Control Association (ISACA), and Institute
of Internal Auditors (IIA), with active CISSP, CISA, and CNSS-I
certifications.  Forrest lives in Cupertino with his wife and two sons,
and enjoys spending time with family, cooking, and playing music in his
free time.

My ISC2 Silicon Valley Chapter Goals:

My goals for the ISC2 Silicon Valley chapter are to ensure the chapter
has the personnel, facilities, processes, and funding necessary to carry
the chapter forward into the next phase of its lifecycle, so that it may
optimally serve the needs of the member community to which it belongs.
Immediate post-election goals would be to guarantee the chapter has
secured a venue for the 2018 meetings, and that we have filled all open
positions on the board – as these are top risks and concerns today.
From there, we would perform bylaw and documentation reviews and a high
level risk/gap assessment so that we have a prioritized list of
actionable items to work off-of.  From there we set goals to ensure the
chapter remains operationally sound through the handoff and transition
to new leadership.

Some items that I am aware of a need for immediate attention are:

•      Meeting venue for 2018.
•      Speakers/talks/panels for 2018.
•      Fund raising / treasury enhancement events/opportunities /
sponsorships.
•      Website / portal hosting strategy (review/keep/change?).
•      Adapting to changes related to governance and administration
with ISC2 national chapter leadership in 2018.

Qualifications for candidacy:

What I bring to the chapter is the experience and knowledge of what it
takes to build an ISC2 chapter from the ground up, an established
relationship with ISC2 national and several regional chapters, and a
wealth of knowledge gained during my long career working for technology
and telecommunications companies in Silicon Valley.  My passions are
governance and administration, and my management beliefs are strongly
rooted in service-based leadership principles - where leadership focus
is on serving the needs of the community and organization being
supporting at any given time.  If elected chapter president I will
strive to serve the ISC2 Silicon Valley chapter members in alignment
with ISC2 national and global leadership, as well as our regional
partner ecosystem.

Thank you for your time and consideration.

-Forrest R. Foster

Treasurer
The current treasurer, Anna has nominated herself for re-election.

Secretary
-Peter Ngo
Peter Ngo currently leads Governance and Risk Management within
Information Security at Palo Alto Networks.  His professional
certification includes CISSP, CISM and CISA.  His professional
experiences included stints with Hewlett Packard Inc., ABB, Warner Bros,
Disney and Ernst & Young and spans across SE Asia (Vietnam, Cambodia and
Laos), and US.

Peter is an active member of ISC2 and ISACA Silicon Valley chapter since
2016, and was assistant membership chairperson for ISACA Los Angeles in
2013.  He was also an active member of ISACA Houston chapter from 2013-2016.

-Aloke Bhandia
(not submitted by press time)

-Joe Park
Fellows,
I am Joe Park.  I am running for a secretary of ISC2 of Silicon Valley
Chapter for the 2018.  I am running my cybersecurity company that
programs endpoint encryption software.  I have been a member since July
2017.  Over several months of participations, I have realized that
greater challenges of our chapter face are two things: revenues and
industry involvement including guest speakers.
If I am elected I would like to solve these two problems.

Here is what I will do:
-Reach out to venture capital/startup community and sets up
relationships in exchange of our views/advices on cybersecurity
companies they evaluate/fund.
-We invite them to our meetings to offer our advices, relationships and
as potential customers.  In return, they will pay small contributions
and dinners for our members. They would love to do this!
-The goal is to solve the said problems and have our chapter known to
other professional communities.  And I will do this if I am elected as a
secretary.

I know several of VCs and they have a skill gap in evaluation what's the
right companies/investments for them.  We can help and grow ourselves as
being the real premium ISC2 chapter.

Communications
-Lan Jenson
Lan has been an active chapter member and volunteer for several years.
Lan volunteered at conference booths and introduced two of the speakers
to the chapter last year. As a chapter delegate, Lan attended ISC2’s
Security Congress 2017, where she spoke with chapter leaders and ISC2
leadership and built productive connections with them.

Lan has experience building social media presence from scratch. For
example, Lan’s twitter received Cisco’s Chief Security and Trust Officer
John Stewart’s appreciation, and LinkedIn account received San Jose
CIO’s appreciation.

As the CEO of Adaptable Security (Ada for short), Lan is committed to
spreading cybersecurity to government agencies, nonprofits and small and
medium-sized businesses, as well as consumers through neighbor-speak.
In the Communications role on the Chapter Board, Lan is committed to
implementing the Board’s directives timely and contributing her
communications, social media and project management skills for the best
outcome.


Membership chairperson
-Wen -Pai Lu
(not submitted by press time)

-Aloke Bhandia
(not submitted by press time)

If there are omissions, corrections, or you wish to nominate someone –
or even yourself – please email the election committee chairperson at
president at isc2-siliconvalley-chapter.org before December 11, 2017.
All chapter members are eligible for nomination and to vote, as long as
they are in good standing with the chapter and (ISC)2. Further details
on the election process, responsibilities for each board member, as well
as the election committee can be found in our chapter bylaws:

***********
Chapter meeting
***********

This month we have Matthew Brazil to provide an overview of things to
know about doing business in China, how Xi Jinping's ascent has changed
business conditions for foreign companies, and how to mitigate rising
business risk there.

Title:
ROI, China: Opportunity and Risk in the Era of Xi Jinping.

Abstract:
As China’s relations with the U.S., Japan, and other trading partners
come under increasing political pressure, the risk for American firms in
China is on the rise. Americans there feel “less welcomed,” according to
the 2016 U.S. – China Business Council’s authoritative annual survey.
Moreover, foreign investment appears to be cooling off as the Chinese
economy permanently shifts away from double-digit growth.
Meanwhile, stricter regulations and a seemingly desperate anti-spy
campaign by Chinese security agencies may have led to detentions of
foreigners, including the recent beating by PRC State Security agents of
an American diplomat.
Nonetheless, China remains a compelling international business priority.
Though there is clearly heightened risk in China for American and other
foreign business people, there are also clear steps that firms can take
to mitigate risk on the ground and better understand official Chinese
and American cyber collection priorities.

Presenter:  Matthew Brazil, Ph.D.; Madeira Security Consulting

Matthew Brazil, Ph.D. is a non-resident Fellow at The Jamestown
Foundation. He worked in Asia for over 20 years as an Army officer,
American diplomat, and corporate security manager. Matt runs Madeira
Security Consulting, in San Jose, California, specializing in advice to
Silicon Valley companies doing business in China. With Peter Mattis, he
is the co-author of a work on Chinese intelligence operations to be
published in 2018-19 by The Naval Institute Press.
*************************
14 November 2017 Chapter Meeting
*************************
Hello chapter members and fellow information security professionals,

Welcome to NoSHAVEmber (AKA NoShaveNovember, or Movember) – though the better 
half in our life would prefer that we males do not participate in such 
line with the holidays rather than the coworker that came to mind.
shenanigans. It is also adopt a turkey month – but that is more in
on 14 November we will continue nominations for 2018 chapter officers; as well 
This is another important month for the chapter. At our chapter meeting 
as have another intriguing topic for your enjoyment.

- Silicon Valley ISACA announces their Fall 2017 Conference

In the newsletter:
- Results of Special Board meeting
- Chapter elections
- Chapter meeting details for 14 November
Due to the resignation of our Membership chair, we conducted a special meeting 
- Local InfoSec & hacker social gatherings of note
- Other upcoming events

***********
Results of Special Board meeting
***********
will be fulfilling the Membership chairperson role for the completion of 2017. 
of the board to elect a replacement after our October chapter meeting. In this 
meeting, the board voted to accept the nomination of Forrest Foster. Forrest 
Thank you Forrest for your assistance, and to the Board for their time and 
With his background and experience as a member of (ISC)2 (including founding 
president for the Austin (ISC)2 chapter); Forrest should be a great addition 
to the board and to our chapter.
assistance in working a resolution.
with the President's suggestion: since the current president (Tim O'Brien) is 
Additionally, our the board discussed the resignation of Tim Tiegarden as the 
election committee chairperson due to work obligations in early December; 
preventing him from facilitating the chapter elections. The board concurred 
Chapter elections
terming out and not running for a different position on the board, it would 
be appropriate (and inline with our bylaws) for Tim O'Brien to chair the 
election committee. Thanks to Tim O'Brien for his assistance in the election 
process, and facilitating the chapter's path into 2018.

***********
the chapter is by participating in the election – and by running for one of 
***********
Here is your opportunity: Reluctant to attend meetings for some reason? Would 
like to see the chapter be better? Are you in good standing with (ISC)2 and 
the chapter; and have an (ISC)2 certification? Your chance to help influence 
our board positions.

Election committee, headed by the election committee chairperson Tim O'Brien, assisted 
The November meeting continues our chapter's election process; with nominations 
taken during chapter meeting, and our election occurring the December chapter 
annual meeting. The chapter election will be conducted by the election 
by committee members Lan Jenson and Joe Park.
are in good standing with the chapter and (ISC)2. Further details on the 
Those that are interested in running for or nominating a chapter member for 
a board position should review our chapter bylaws, and talk (or email) with a 
representative of the election committee.

All chapter members are eligible for nomination and to vote, as long as they 
election process, responsibilities for each board member, as well
as the election committee can be found in our chapter bylaws:

All positions on the chapter board are up for nominations. There are board 
members that are looking to move on (or have termed out), providing an 
efforts of the chapter they feel need improvement. Everyone of the board 
opportunity for chapter members (you, the reader) to focus on areas and 
getting worthwhile leadership and local chapter experience. The board strongly 
positions are key for the success of the chapter – and you the chapter member 
Currently the election committee has registered the nominations for the 
urges you to step up and participate – step up and help lead your fellow 
information security professionals into 2018.

Secretary
election of 2018 chapter board members as:
President
Forrest Foster
Treasurer
The current treasurer, Anna has nominated herself for re-election.
Peter Ngo
or even yourself – please email the election committee chairperson at
Communications
Bill Casti
Membership chairperson
Wen -Pai Lu
If there are omissions, corrections, or you wish to nominate someone –
This month we have Bam Azizi to discuss the Zero Trust model and how 
president at isc2-siliconvalley-chapter.org before November 20, 2017.

***********
Chapter meeting
***********

authentication is a key piece to this model.

Title:
happening. 15% of companies globally stated that sensitive data was probably 
Future of authentication with Zero Trust model

Abstract:
Despite the massive investments poured into cybersecurity, data breaches keep 
down to this: The old paradigm of cybersecurity— focused on protecting the 
breached in 2016, and that’s probably an underestimate. There are many causes 
for the surge in data breaches, but many common cybersecurity problems come 
of cybersecurity rest upon the old adage “trust but verify,” the Zero Trust 
perimeter of a network — just doesn’t work well in a modern computing 
environment. We need a new framework, the Zero Trust model. While older forms 
model can be better defined as “never trust and always verify.” Forrester 
included. Therefore, the default should be to provide users with access that is 
Research first coined the term “Zero Trust.” The basic idea behind the paradigm 
is that no one should be automatically trusted with sensitive data, end users 
as limited as possible. Internal activity needs to be monitored carefully and 
users must authenticate themselves multiple times when necessary.
with 12% clicking on malicious attachments. Only 3% of targets will report the 
Zero Trust acknowledges the reality of today’s networking environment. The 
uncomfortable truth is that many data breaches are caused by internal users’ 
actions, whether accidental or deliberate. Verizon’s 2016 Data Breach 
Investigations Report found that 30% of all users will open phishing emails, 
phishing incident to upper management.
To improve your cyber safety and begin the process of implementing Zero Trust, 
The Zero Trust model is recommended by a report issued by the U.S. House of 
Representatives Committee on Oversight and Government Reform. By implementing 
a Zero Trust network, organizations can accommodate new technology trends such 
as BYOD and the cloud without providing open access to sensitive data.
start by taking these three steps:
that the end user really is the same person who has access to corporate data 
Rethink your reliance on passwords and two-factor authentication. As long as 
passwords remain your primary method of authentication, you are reliant on 
users to secure company data—a dubious proposition. Consider no password 
authenticators that doesn’t rely on manual entry of credentials.
Next, implement continuous authentication. This is the only method to ensure 
users who receive access to sensitive data are those who must receive access.
and remains so throughout a user session. Although some methods of continuous 
authentication can be ineffective or onerous for users, NoPassword leverages 
AI technology to provide continuous and adaptive authentication of users.
In conjunction with continuous authentication, adopt best practices for user 
provisioning. Robust user provisioning practices will ensure that the only 

Presenter: Bam Azizi, Co-Founder & CTO, NoPassword 
software driven products. As a computer scientist with a deep knowledge and 
Bam Azizi is the CTO and co-founder of NoPassword. Prior to joining NoPassword, 
he was working on his PhD at Technical University of Munich, and Johns Hopkins 
University. In several research projects, he has
gained experience running research and development labs with over 30 
researchers, scientists, and software developers.

Bam has more than ten years of experience in designing and building complex 
experience in cyber security, cryptography, and machine learning, Bam 
replaces passwords with human factors like biometrics, which prevents 85% of 
designed the architecture and backbone of a complex software driven system 
that provides a highly available modern authentication service to enterprises 
- NoPassword.

Bam worked closely with his development team, partners and customers to build 
the next generation of Identity and Access Management solution. Bam and his 
team continue to work on the biggest challenge in cyber security industry 
which is replacing traditional password-based authentication. NoPassword, 
today’s cyber-attacks.
***********
Thanks to our chapter meeting sponsor
***********
Unfortunately, we do not have a sponsor for this month's chapter meeting. If 
you know an organization or employer that would be interested and willing to 
Silicon Valley ISACA announces their Fall 2017 Conference
sponsor, have them reach out to the chapter treasurer.

***********
***********
2017 at the Biltmore Hotel, 2151 Laurelwood Rd, Santa Clara,CA 
Silicon Valley ISACA announces their Fall 2017 Conference, November 2 & 3, 

The Silicon Valley ISACA Fall conference will focus on internal audit's 
role in reviewing security measures and controls to better understand and 
critical role in cybersecurity. The threat from cyberattacks is significant, 
increasing, and continuously evolving. Internal audit can play an ongoing 
board responsible for mitigating legal and financial liabilities that 
assess the organization's ability to manage relevant risks, and to identify 
opportunities to strengthen overall security and incident recovery 
capabilities. Internal audit has a duty to inform the audit committee and 
acceptable level Cybersecurity auditing  Collaboration between security 
enterprise cybersecurity and privacy controls are adequate and functioning 
correctly. Topics covered will include Developing a cyber security strategy 
and policy Identify, assess and mitigate cyber security risk to an 
Sponsorship package is off the conference page 
and internal audit Recognize external, internal and business partner threats 
Align organization's cyber security program to Cybersecurity Framework

Please join us in making this meeting of minds a success!
Register to attend.  Sponsors are welcome.
Please visit the website to learn more! 

***********

Local InfoSec & hacker social gatherings of note
***********
@Si1isec and www.si1isec.org
First Thursday, 7 PM at The Firehouse brewpub, Sunnyvale

Baysec - https://www.baysec.net/
Third Tuesday, Patriot House in SF

HoodSec - @hoodsec and www.hoodsec.org
last Thursday of every month at Radio Bar, Oakland

***********
Other upcoming events of note
Hushcon West, Dec 8 – 9, 2017, Seattle, WA, USA
***********
SANS SFO Winter 11/27-12/2
SANS Cyber Defense Initiative 2017, Dec 12 – 19, 2017, Washington, DC US
*************************
10 October 2017 Chapter Meeting
*************************
Hello chapter members and fellow information security professionals,
Welcome to October – and Cyber Security Awareness Month, the annual
campaign to raise awareness about the importance of cybersecurity. Would
love to hear what events and initiatives you are implementing in your
organizations, and how the efforts are being received.
This is a busy month for the chapter. Our chapter delegation just returned
from the (ISC)2 Security Congress in Austin, where we were one of the
larger contingents from a west coast chapter. We have a booth at
SecureWorld Bay Area on Thursday, 5 October as well as our chapter meeting
on 10 October where we kick off nominations for 2018 chapter officers as
well as another intriguing topic.
In the newsletter:
- Results of Special Board meeting
- Events of note: SecureWorld Bay Area on 5 October
- Chapter booth at SecureWorld Bay Area
- Chapter elections
- Chapter meeting details
- SAP National Cybersecurity awareness month events
- Local InfoSec & hacker social gatherings of note
- Other upcoming events
***********
Results of Special Board meeting
***********
Due to the resignation of our Membership chair, we conducted a special
meeting of the board to elect a replacement on 12 September 2018, directly
after our September chapter meeting. Unfortunately, the candidates that
volunteered or were nominated all withdrew. Unless a chapter member is
nominated (and voted on by the board), we will not a have a Membership
chair for the rest of 2017 and those duties/responsibilities will not be
covered.
***********
Upcoming events of note: Bay Area SecureWorld Conference, October 5 -
Santa Clara Convention Center
***********
The organizers of Bay Area SecureWorld Conference have offered discount
codes for their conference on October 5 at the Santa Clara Convention
Center. For further details, and the discount codes check out the special
invite page they established for chapter members: https://goo.gl/KE5Mxx
***********
Chapter booth at Bay Area SecureWorld Conference, October 5
***********
With our invite to Bay Area SecureWorld Conference, the organizers have
offered a booth for the chapter at the event. Our communications
chairperson Amir is organizing this effort, looking for at least six
individuals to man the booth through the day. The conference fees would be
waived, with the expectation for those chapter members who volunteered to
help promote our chapter to attendees, taking part in the conference after
their booth duty is complete.
If you are interested in volunteering, contact the chapter communications
chairperson (Amir): communications (at) isc2-siliconvalley-chapter.org
***********
Chapter elections
***********
Here is your opportunity: Reluctant to attend meetings for some reason?
Would like to see the chapter be better? Are you in good standing with
(ISC)2 and the chapter; and have an (ISC)2 certification? Your chance to
help influence the chapter is by participating in the election – and by
running for one of our board positions.
The October meeting starts the chapter's election cycle; with nominations
taken during the October & November chapter meetings, and elections
occurring in the December chapter annual meeting. The chapter election
will be conducted by the election committee, headed by the election
committee chairperson Tim Tegarden, assisted by committee members Lan
Jenson and Joe Park. Those that are interested in running for or
nominating a chapter member for a board position should review our chapter
bylaws, and talk with the election committee.
All voting and board members must be in good standing with the chapter and
(ISC)2. Further details on the election process, responsibilities for each
board member as well as the election committee can be found in our chapter
bylaws:
There are chapter board members that are looking to move on, providing an
opportunity for chapter members (you, the reader) to focus on areas and
efforts of the chapter they feel need improvement. Currently the board has
two open roles to be decided for 2018:
President (due to term limits established in the chapter bylaws)
Membership chairperson
Though these two roles are open for 2018, all board positions can receive
nominations – these are two roles that must be filled for the upcoming
year. Every one of the board positions are key for the success of the
chapter – and you the chapter member getting worthwhile leadership and
local chapter experience. The board strongly urges you to step up and
participate – step up and help lead your fellow information security
professionals into 2018.
***********
Chapter meeting
***********
This month we have our friends from Venafil to discuss machine identities
is useful in security monitoring.
Abstract:
There are two kinds of actors on every network—people and machines—and
both need to be secured. People rely on user names and passwords, but
machines don’t. They use keys and certificates for machine-to-machine
communication and authentication. We spend billions each year securing
user names and passwords, but almost nothing on protecting keys and
certificates.  Cyber criminals take advantage of this. They use
unprotected keys and certificates to eavesdrop on private communications,
make phishing sites or malicious code look valid, and hide their nefarious
activity in encrypted traffic—getting malware in and sensitive data out.
In this session, we’ll discuss the different types of machines identities
and where they proliferate in your network. You’ll see the role and
lifecycle of machine identities, and where we’re falling short in
protecting them.  We’ll then look at where there are current risks as well
as where new risks are emerging. We’ll conclude with steps you can take
immediately to get these risks under control.
5 bullet points that describe what the attendee will learn from your session:
- They’ll understand what comprises machine identities and how these
relate to human identities in the digital world
- They’ll know current risks that leverage unprotected machine identities,
and real-world examples of business impacts
- They’ll recognize where most organizations are falling short in
protecting machine identities
- They’ll get a roadmap on how to gain control of machine identities,
detailing a 4-level process
- They’ll be able to create a customized roadmap that considers the
emerging risks to machine identities
Presenter: Ted Heiman, Account Executive with Venafil
Ted Heiman has over 25 years of experience in the field of cyber security.
His career includes significant experience in secure networking and
access control, as well as data protection and applied cryptography.  Best
known for his role in the deployment of the Common Access Card (CAC) for
the Department of Defense, Ted received a letter of recommendation for his
role in the Gracie award-winning project. Ted also played a critical role
in the deployment of the first online banking solution ever deployed in
the US with Sumitomo Bank of California as well as successful deployment
of the first ever supermarket banking project with Wells Fargo Bank and
Safeway Supermarkets.
***********
Itinerary
***********
5:30 PM PT - Nosh and networking
6 PM PT - Chapter business and announcements
with presentation(s) following
Chapter board sync up afterwards
***********
Thanks to our chapter meeting sponsor
***********
Thank you to Venafil for committing to the Custom participation level for
the chapter. Venafil provides key management & certificate management
solutions for the enterprise and their computing environments. For more
information, check out their web site: https://www.venafi.com/about-us
***********
SAP National Cyber Security awareness month events
***********
In Oct 2017, SAP is inviting security practitioners to join half day
events at multiple bay area locations to celebrate National Cybersecurity
awareness month 2017. All events are free to attend. Register and be a
part of NCSAM initiative by registering at the following URL:
***********
Local InfoSec & hacker social gatherings of note
***********
@Si1isec and Si1isec.org
First Thursday, 7 PM at The Firehouse brewpub, Sunnyvale
Third Tuesday, Patriot House in SF
HoodSec - @hoodsec and hoodsec.org
last Thursday of every month at Radio Bar, Oakland
Pacificon swap meet - http://www.pacificon.org/
Sunday, Oct. 22, 2017, 6:00 AM to 12:00 Noon
San Ramon Marriott Hotel back parking lot
***********
Other upcoming events of note
***********
SecureWorld Bay Area 10/5
PuppetConf San Fran 10/10-12
SANS PHX 10/9-14
SANS DecOps Summit DEN 10/10-17
GrrCON Grand Rapids 10/26-27
O'Reilley Security Conference NY 10/29-11/1
SANS San Diego 10/30-11/4
Community SANS Redwood City (Informatica) SEC573 10/12-17
SANS SFO Winter 11/27-12/2
Hushcon West, Dec 8 – 9, 2017, Seattle, WA, USA
SANS Cyber Defense Initiative 2017, Dec 12 – 19, 2017, Washington, DC US
Previous Meetings
*************************
12 September 2017 Chapter Meeting
*************************
Hello chapter members and fellow information security professionals,

Welcome to September – where the children are back into school, the summer vacations have worn off. Of note, September is National Preparedness Month [https://en.wikipedia.org/wiki/National_Preparedness_Month] – how have you and your family – as well as your organization – prepared for physical disasters? Is your BC/DR plan up to date, and have you practiced it recently?
Hopefully you have your preparations taken care for your Cyber Security Awareness Month activities within your organization in October. If not, why not?
In the newsletter:
- Chapter elections
- Chapter meeting details
- Events of note: SecureWorld Bay Area
- Chapter booth at SecureWorld Bay Area
- (ISC)² Chapter Leadership Meeting (CLM) Delegates
***********
Chapter elections 
***********
Here is your opportunity: Reluctant to attend meetings for some reason? Would like to see the chapter be better? Are you in good standing with (ISC)2 and the chapter; and have an (ISC)2 certification? Your chance to help influence the chapter is by participating in the election – and by running for one of our board positions.
The October meeting starts the chapter's election cycle; with nominations taken during the October & November chapter meetings, and elections occurring in the December chapter annual meeting. The chapter election will be conducted by the election committee, headed by the election committee chairperson Tim Tegarden, assisted by committee members Lan Jenson and Joe Park. Those that are interested in running for or nominating a chapter member for a board position should review our chapter bylaws, and talk with the election committee.
All voting and board members must be in good standing with the chapter and (ISC)2. Further details on the election process, responsibilities for each board member as well as the election committee can be found in our chapter bylaws:

There are chapter board members that are looking to move on, providing an opportunity for chapter members (you, the reader) to focus on areas and efforts of the chapter they feel need improvement. Currently the board has two open roles to be decided for 2018:

              • President (due to term limits established in the chapter bylaws)
              • Membership chairperson
Though these two roles are open for 2018, all board positions can receive nominations – these are two roles that must be filled for the upcoming year. Every one of the board positions are key for the success of the chapter – and you the chapter member getting a worthwhile local chapter experience. The board strongly urges you to step up and participate – step up and help lead your fellow information security professionals into 2018.
***********
Chapter meeting 
***********
This month we have our friends from JASK to discuss how Machine Learning is useful in security monitoring.
Presentation: Behavioral Intrusion Detection at Scale: Case Studies in Machine Learning
Abstract: 
Intrusion detection at scale is one of the most challenging problems a modern enterprise will face while maintaining a global IT infrastructure. Building defensive systems that help automate some of the pain points, in this space, has been a goal since the early days of enterprise security. From an artificial intelligence standpoint, the problem of designing a model to predict adversarial behavior is part of a class of problems that is impossible to automate completely. At the core of the problem lies an underlying no-go principle: threat actors change tactics to evolve with the technological threat surface. This means that to build pattern recognition systems, for cyber defense, we have to design a solution that is capable of learning behaviors of the attackers and to programmatically evolve that learning over time.
In our presentation we outline a solution to this problem using an elastic architecture to scale to the largest corporate datasets. We will deep dive on how we have used elastic architectures and machine learning to build models for detecting 0-day attacks as well as compromised perimeter assets. The first use case is important for current trends because we have seen the delivery of both ransomware and banking Trojans, targeting fortune 500 customers using exploit kits that easily get past IDS. The second use case we highlight is the detection of attacks against the DMZ using a meta graph modeling approach. This is important for the finding more stealthily and advanced actors that engage in long term attack campaigns. We will describe the way we have approached the mitigation of these two types of attacks, along with sharing some related open source data sets that capture these behaviors: https://github.com/jasklabs/blackhat2017
Presenter: Joseph Zadeh, Director of Data Science at JASK
Joseph Zadeh is the Director of Data Science at JASK. Zadeh has an M.S. in Mathematics, Computational Finance and a PhD in Mathematics from Purdue University. Zadeh comes to JASK as one of the foremost experts on AI and security operations. Prior to JASK, he served as Senior Data Scientist at Splunk through the aquisition of Caspida, where he developed behavior-based analytics for intrusion detection. He applied his mathematics background to artificial intelligence and cybersecurity, delivering presentations, such as Multi-Contextual Threat Detection via Machine Learning at Bsides Las Vegas, Defcon, Blackhat and RSA. Previously, Zadeh was part of the data science consulting team on Cyber Security analytics at Greenplum/Pivotal, as well as part of Kaiser Permanente’s first Cyber Security R&D team.
***********
Thanks to our chapter meeting sponsor
***********
Thank you to JASK for committing to the Custom participation level for the chapter. JASK is a startup in San Francisco producing the first AI powered security operations platform. For more information, check out their web site: https://jask.ai
***********
Upcoming events of note: Bay Area SecureWorld Conference, October 5 - Santa Clara Convention Center
***********
The organizers of Bay Area SecureWorld Conference have offered discount codes for their conference on October 5 at the Santa Clara Convention Center. For further details, and the discount codes check out the special invite page they established for chapter members: https://goo.gl/KE5Mxx
***********
Chapter booth at Bay Area SecureWorld Conference, October 5
***********
With our invite to Bay Area SecureWorld Conference, the organizers have offered a booth for the chapter at the event. Our communications chairperson Amir is organizing this effort, looking for at least six individuals to man the booth through the day. The conference fees would be waived, with the expectation for those chapter members who volunteered to help promote our chapter to attendees, taking part in the conference after their booth duty is complete.
If you are interested in volunteering, contact the chapter communications chairperson (Amir): communications (at) isc2-siliconvalley-chapter.org
***********
Chapter delegates to (ISC)² Chapter Leadership Meeting (CLM)
***********
Joining our chapter president Tim O'Brien at the (ISC)² Chapter Leadership Meeting (CLM) in Austin, Texas will be delegates Lan Jenson and Rene Kolga. Thank you Lan and Rene for steeping up to represent your chapter. If you have issues or concerns at the national or international level that need attention during this gathering, please reach out to one of these individuals. 
*************************
08 August 2017 Chapter Meeting
*************************
Welcome to August – the local farmer's markets are overflowing with 
bounty, and with it being Happiness Happens Month as well as National 
Win with Civility Month. Two areas we could use a reminder of as of 
late; considering the battlefield many of us have to work in daily. 
And, do not forget your system administrators on 28 July for SysAdmin 
Hopefully we all return from Vegas and “hacker summer camp” safe and 
sound, as well as rejuvenated for the next year by what we have learned, 
and quality time with friends old & new. 

*********** 
Abstract
*********** 
This month we have our friends from FireEye to discuss how we can 
improve our tabletop exercises and use case scenarios. 

Presentation: Cyber Security Use Case Workshop 
Abstract: 
Detection and prevention is critical, however the job doesn’t stop 
there. Attack preparedness is key! During this workshop, Bruce will link 
use-case scenarios with the anatomy of a targeted attack to demonstrate 
the gaps often overlooked, ultimately saving your team valuable time and 
resources. Additionally, he will dive into real-world examples of cyber 
threat intelligence and how to apply it to all stages of attack 
preparedness. 

Presenter: Bruce Heard 
Manager, Security Consulting Services 
MANDIANT ROLE 
Provide engagement leadership on a variety of security consulting 
service offerings to our clients, including Security Program Assessments 
and Response Readiness Assessments. 
PROFESSIONAL EXPERIENCE 
Prior to joining Mandiant, Mr. Heard had multiple roles with IBM and 
Accenture working as a Global Security Architect, Cyber Security 
Solutions Services Sales Black Belt, Security Manager, and Senior 
Managing Security Consultant. The past five years, he has spent 
developing multi-vendor cyber security solutions for clients involving 
one or more cyber security domains and multi-vendor products, working 
with cross-delivery teams to develop comprehensive client cyber security 
solutions. In addition, he has provided cyber security consulting 
services to clients including SOC, SIEM system architecture, design, 
implementation, and system integration and troubleshooting to ensure 
successful solution delivery. He has supported all phases of building a 
Security Operations Center (SOC) and Security Information and Event 
Management (SIEM) strategy, design, implementation, consulting 
engagements, and governance processes. He has also worked for both 
Electronic Data Systems (EDS) and Hewlett-Packard (HP), providing 
network security architectural design, engineering and implementation 
services for integrated SIEM and SOC security solutions for the 
enterprise and operational business lines based on strategic business 
goals.
*********** 
Itinerary 
*********** 
5:30 PM PT - Nosh and networking 
6 PM PT - Chapter business and announcements 
with presentation(s) following 
Chapter board synch up afterwards
*********** 
Thanks to our chapter meeting sponsor 
*********** 
Thank you to FireEye for committing to the Supporting (Level 1) 
participation level for the chapter. FireEye is an enterprise 
cybersecurity company[1] that provides products and services to protect 
against advanced cyber threats, such as advanced persistent threats and 
spear phishing. For more information, check out their web site: 

*********** 
LinkedIn presence 
*********** 
Some chapter members asked if the chapter can have a LinkedIn presence. 
The board has similar privacy concerns to many board members about using 
the web site; more so now that Microsoft owns the site and with the 
latest privacy policy changes. Though, for those of you that would like 
to help promote the chapter and partake of communications with fellow 
chapter members we have a Group set up for chapter members. 
Additionally, for those who have had leadership roles in the chapter we 
set up a profile so that when adding your leadership experience it can 
be linked back to the chapter. 

If you have any questions, please reach out to the communications 
chairperson or chapter president. 

*********** 
Upcoming events of note 
*********** 
(ISC)² Chapter Leadership Meeting (CLM) 
The (ISC)² Chapter Leadership Meeting (CLM) in Austin, Texas during the 
seventh annual (ISC)² Security Congress on Saturday, September 23 from 
1pm-5pm. It’s a great opportunity to meet face-to-face with (ISC)² 
chapter leaders and (ISC)² staff to share ideas, experiences and 
resources while building relationships during the meeting and throughout 
the week! 
With every CLM, (ISC)² provides company and chapter program updates, and 
offers you the opportunity to present to other leaders about on your 
chapter’s accomplishments and even challenges. The meeting is designed 
to give you the opportunity to share and learn from others. 

The tentative meeting agenda for this meeting includes: 
Welcome & Overview 
Roundtable Introductions 
(ISC)² Announcement and Updates 
Chapter Presentations 
Open Discussion 
Chapter officers and/or delegates (appointed chapter members) are 
invited to attend, and will earn CPEs for participating. If you would 
like to join the Board members that will be attending, please reach out 
to a Board member to become a delegate. 

We look forward to seeing you at the meeting.
*************************
11 July 2017 Chapter Meeting
*************************
Hello chapter members,
Welcome to July, and National Cell Phone Courtesy Month. Hope you all
have your travel plans taken care of for “hacker summer camp” and Vegas
at the end of the month – the lineup for talks at Black Hat, DEFCON,
BSidesVegas, and Tiaracon are looking interesting and thought provoking
as they tend to do.
***********
Chapter meeting
***********
This month we have a special treat from AppSec Consulting – a panel
conversation with some special guests, as well as a presentation.
Presentation 1 – European Data Privacy Laws; the Crossroads of Security
and Privacy
Abstract:  Do you sometimes feel overwhelmed by the scope of information
security and wondered if it’s even possible to be responsible for more
things? Well friends, the answer is yes it’s possible, because European
Privacy requirements are getting some BIG updates. The changes bring
some good news, bad news, and plenty of gray areas to get lost in. So
grab some Tums and come on out to this month’s ISC2 meeting where Ryan
Hogan from AppSec Consulting will try to break it down for you.  If
nothing else you can share the information to line up a bunch of “I told
you so’s”, or maybe get real lucky and leverage it to get a budget for
the things that you need to do to get ready for EU Privacy requirements.
Presenter: Ryan Hogan, Director of Strategic Advisory Services, AppSec
Consulting.
Presentation 2 – Panel Discussion – Service Organization Controls (SOC)
and why InfoSec Should Care
Abstract: The AICPA recently introduced a new audit standard (SSAE18)
for SOC Reports. These improvements were implemented to strengthen
reporting on service providers and subservices (for outsourced
providers), require data validation of external reporting to ensure
independent analysis of content, and to require a detailed risk
assessment for the service organization. The panel will also discuss the
value of SOC 2 reports from the perspective of auditors, information
security professionals and service organizations. We invite you to bring
that laundry list of questions you have about SOC reports.
Moderator:     Brian Bertacini, CEO, AppSec Consulting
Panelists:     
Doug Barbin, Principal, Shellman LLP
Ryan Hogan, Director of Strategic Advisory Services, AppSec Consulting
Nathaniel S. Hartman, Corporate Risk Assurance / Internal Audit,
Symantec Corporation
Alexander Anoufriev, Chief Information Security Officer, Thousand Eyes
***********
Itinerary
***********
5:30 PM PT - Nosh and networking
6 PM PT - Chapter business and announcements
with presentation(s) following
Chapter board synch up afterwards
***********
Thanks to our chapter meeting sponsor
***********
Thank you to AppSec Consulting for committing to the Supporting (Level
1) participation level for the chapter. AppSec Consulting provides
world-class web application security services, penetration testing, PCI
compliance services, and web application security training. For more
information, check out their web site: https://www.appsecconsulting.com/
*************************
13 June 2017 Chapter Meeting
*************************
Hello chapter members,
June – the start of summer, Ramadan, hurricane season, and graduations. I
hope you are progressing in your summer travel and for your security
conference plans. This month's meeting has a really interesting technical
topic that ties to the topic of the last few meetings.
***********
Chapter meeting
***********
This month we welcome Katie Murphy, Security Operations Engineer at Credit
Karma who will be talking about using DMARC, SPF, and DKIM to protecting
your companies reputation and email.
Abstract: Spoof-Proof with DMARC
Bring your mail security into 2017 and protect your brand with DMARC.
Review how the foundational technologies SPF and DKIM work, why DMARC is
necessary, and how it's part of a balanced breakfast to stop business
email compromise. Discover shadow IT, create custom threat intel feeds
from would-be spoofers, and gain control over how mail from your domain is
handled. Bonus content on the bleeding-edge ARC available for audiences
that move quickly.
***********
Thanks to our chapter meeting sponsor
***********
Unfortunately, we do not have a sponsor for this month's chapter meeting.
If your employer would be willing to sponsor, have them reach out.
***********
LinkedIn presence
***********
Some chapter members asked if the chapter can have a LinkedIn presence.
The board has similar privacy concerns to many board members about using
the web site; more so now that Microsoft owns the site and with the latest
privacy policy changes. Though, for those of you that would like to help
promote the chapter and partake of communications with fellow chapter
members we have a Group set up for chapter members. Additionally, for
those who have had leadership roles in the chapter we set up a profile so
that when adding your leadership experience it can be linked back to the
chapter.
If you have any questions, please reach out to the communications
chairperson or chapter president.
Previous Meetings
*************************
9 May 2017 Chapter Meeting
*************************
Hello chapter members,

May the forth be with you, fellow chapter members. This month's meeting
has a distinguished member of the community lined up.

award-winning Farsight Security who will be talking about using DNS as a
This month we welcome Dr. Paul Vixie, the Chairman, CEO and cofounder of
defense vector.

Abstract: DNS As a Defense Vector

watching what bad guys do with their DNS configurations and offering
DNS enables everything else on the Internet -- both good and bad. By
them differentiated (that is to say, poor) service, defenders can
DNSSEC and TSIG (Secure DNS and Transaction Signatures) are and why you
re-level the playing field in our favor. In this presentation, Internet
pioneer Dr. Paul Vixie, CEO of Farsight Security, will explain what
advance cyberinvestigations by hunt teams and other security professionals.
might want them, explain what RRL and RPZ (Response Rate Limiting and
Response Policy Zones) do and why you absolutely do want them, and the
importance of passive DNS monitoring and how it can significantly

DNS. Dr. Vixie is a prolific author of open source Internet software
Dr. Paul Vixie is an Internet pioneer. Currently, he is the Chairman,
CEO and cofounder of award-winning Farsight Security, Inc. He was
inducted into the Internet Hall of Fame in 2014 for his work related to
(ISC, 1994), and the first neutral and commercial Internet exchange
including BIND, and of many Internet standards documents concerning DNS
and DNSSEC. In addition, he founded the first anti-spam company (MAPS,
1996), the first non-profit Internet infrastructure software company
to DNS and DNSSEC in 2010.
(PAIX, 1991). He earned his Ph.D. from Keio University for work related
***********
Thanks to our chapter meeting sponsor
***********
Unfortunately, we do not have a sponsor for this month's chapter
meeting. If your employer would be willing to sponsor, have them reach out.
*************************
11 April 2017 chapter meeting 
*************************
Hello chapter members,

Spring is here – birds are singing, flowers are in bloom, the first Electronics Flea Market (EFM) provided us some interesting finds for our projects, and those of us with allergies are loving life. Another interesting topic and great presenter lined up for this month's meeting.  
This month we welcome Jason Truppi, the Director of Endpoint Detection and Response at Tanium who will be talking about his insights being an FBI agent and now working in a startup. 
Abstract:
I will be sharing illusions and realities that I have observed as a veteran FBI agent, who has worked hundreds of cyber incidents, and what I see today having assimilated into the innovative world of Silicon Valley tech. We all know that cybersecurity threats are evolving faster than the world can consume them and that requires passionate and dedicated people to help advance us forward and protect our assets. The reality is government alone cannot move at the pace that is needed to protect their constituents. Often there is a disconnect from what government perceives as a problem versus what private industry categorizes as a risk. Government and technology companies must work together to solve the breach pandemic we have today. I will be highlighting how enterprises are truly preparing their security teams, what valuable metrics they are capturing, what tools are most useful, and what government best practices and standards have been the most sticky. I will be covering the realities of applying threat intelligence, big data analytics and artificial intelligence at scale. Then we will take a step forward and think about what new security problems might be awaiting us in the near future. My goal is to expose the facts of what organizations are actually experiencing, which should help government focus their efforts in the areas that will be most effective at combating the threats that face us daily.
Jason Truppi is a career technologist turned FBI agent and now tech entrepreneur. Jason has many years of experience working in information systems and security. More recently, Jason was an FBI Cyber Agent in New York City where he worked some of the Nation's largest national security and criminal cyber intrusions. He was later promoted as Supervisory Special Agent in Washington D.C. where he was responsible for major data breaches, hactivism and cyber extortion cases across the country. As a Director at Tanium and CSIS Fellow, Jason is helping to advance the security industry to enable corporate network defenders on an even larger scale. He is applying his skills and experience in incident response, investigations, penetration testing, analysis and threat intelligence to help solve the cyber crime epidemic that we face today.
Twitter: @NotTruppi
Itinerary: 
Nosh and networking
Chapter business and announcements
Presentation
Chapter board synch up afterwards
*************************
14 March, 2017 Chapter Meeting
*************************
Itinerary:
Nosh and networking
Chapter business and announcements
Presentation
Chapter board synch up afterwards
***********
This month we welcome Karthik Venna, Product Manager from BitGlass who will be presenting on “Protecting Cloud Apps From Malware”.
Abstract:
Cloud applications have garnered widespread adoption from enterprises in part due to their advantages such as ease of deployment, lower TCO, and high scalability. These apps are also popular because end-users can rely on them to work and collaborate from anywhere and on any device. The industry question becomes whether or not enterprises should trust cloud app providers to protect their data from malware or ransomware. Currently, there are only a handful of enterprise cloud apps that can provide these solutions natively, but in almost all cases, they have no zero-day protection.
In this session we will discuss malware protection solutions that are offered by various cloud app providers, how malware can make its way into cloud apps, and how CASBs can help protect enterprise cloud apps from malware attacks.
***********
Thank you to Bitglass [www.bitglass.com] for being a supporting sponsor. We appreciate your efforts to improve the information security community in the silicon valley and Bay area.
***********
Other upcoming events
***********
Spring is here – and that means the start of the Electronics Flea Market (EFM). This coming Saturday morning (the weekend before our chapter meeting), fellow hackers, makers, ham radio enthusiasts, and the like with be converging at DeAnza College on the hunt for (or selling their) items you have been looking for – or never realised you absolutely had to have. Many chapter members attend this event, both for the bargain hunting and the social aspects.
Held the second Saturday of the Month, March through September. 0500 AM -1200 PM
January 10, 2016
We hope everyone had a merry Christmas, relaxing and full of family. Looking forward to seeing everyone again for our January meeting on the 10th – with our special guest speaker. 
Itinerary:
Nosh and networking
Chapter business and announcements:
   - Chapter elections results
   - January meeting details
   - February meeting canceled due to RSA Conference and Valentine's Day 
Presentation
**********
Chapter Elections
**********
Thank you Tim Tegarden and the rest of the election committee for your assistance conducting the chapter annual meeting and elections; and welcome our new board members. The board members for 2017 are: 
President: Tim O'Brien
Secretary: Wen-Pai Lu
Communications: Amir Jabri
Treasurer: Anna Pasupathy
Membership: Bill Burke
Thank you Stephen McCallum and Ravi Ramaanujan for your efforts on the board. 
***********
January chapter meeting: Stalking the Wily Hacker, 30 years later.
***********
This month we are excited to have Clifford Stoll, the author of The Cuckoo's Egg and Silicon Snake Oias our guest speaker. 
Abstract: Stalking the Wily Hacker, 30 years later.
Cliff will be sharing with us his insights, looking back to his experiences and forward to what we face. From geolocation of 4th generation cellphones and how corporations & gov't are beginning to monitor public social media to watch for trouble, the more things change the threats we face stay the same.

Clifford Stoll gained worldwide attention as a cyberspace sleuth when he wrote his bestselling book, The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage, the page-turning true story of how he caught a ring of hackers who stole secrets from military computer systems and sold them to the KGB. He has become a leading authority on computer security. His lecture presentations are energetic and entertaining, and showcase Clifford’s dry wit and penetrating views. Clifford Stoll is a commentator for MSNBC and an astronomer at the University of California Berkeley. 
The Cuckoo’s Egg inspired a whole category of books on capturing computer criminals. He began by investigating a 75-cent error in time billing for the university computer lab for which he was systems manager and ended up uncovering a ring of industrial espionage. Working for a year without support from his employers or the government, he eventually tracked the lead to a German spy hacking into American computer networks involved with national security and selling the secrets to the KGB for money and cocaine. 
Since catching the "Hanover Hacker" (Hanover, West Germany), Stoll has become a leading expert on computer security and has given talks for both the CIA and the National Security Agency, as well as the U.S. Senate. 
Stoll is also the author of two engaging and counter-intuitive critiques of technology’s role in culture written in his trademark quiet and folksy style full of droll wit and penetrating insights. In Silicon Snake Oil: Second Thoughts on the Information Highway, Stoll, who has been netsurfing for fifteen years, does an about-face, warning that the promises of the Internet have been oversold and that we will pay a high price for its effects on real human interaction. High Tech Heretic: Why Computers Don’t Belong in the Classroom and Other Reflections by a Computer Contrarian asks readers to check the assumptions that dominate our thinking about technology and the role of computers, especially in our classrooms. As one who loves computers as much as he disdains them, he admits to being deeply ambivalent about computers, and questions the role of networks in our culture. 
Cliff's klein bottle web site: http://www.kleinbottle.com/ 
 
***********
Thanks to our chapter meeting sponsor
***********
Unfortunately, we do not have a sponsor for this month's chapter meeting. If your employer would be willing to sponsor, have them reach out. 

Notes:
***********
February chapter meeting canceled
***********
Due to the RSA Conference as well as Valentines Day being February 14th, the board voted to cancel the chapter meeting for February. Hope everyone enjoys their RSA Conference experience. The next planned chapter meeting will be March 14, 2017. 
December 13th , 2016 
Emerging Trends in Cyber Security and Risk Management
This month we have Dr. Srinivas Mukkamala, the Co-Founder and CEO of RiskSense, Inc. talking about the Emerging Trends in Cyber Security and Risk Management; as well as RiskSense being the chapter sponsor for the month of December.
Abstract:
According to Gartner, organizations will spend approximately $92 billion on IT Security in 2016. Despite these investments, new data breaches are disclosed almost on a daily basis.  Keeping abreast of emerging trends in cyber security is essential for securing the expanding attack surface of enterprises and aligning information security plans with business risks. Unfortunately, facing on average hundreds of thousands of vulnerabilities across thousands of machines, puts those security practitioners assigned to identify and remediate these security gaps at an immediate disadvantage. Lengthy dwell times and asynchronous iterations are the result, limiting the effectiveness of any cyber security program. In this ISC2 seminar, renowned cyber security expert Dr. Srinivas Mukkamala will discuss emerging trends in network security, including big data in security, threat and business intelligence as factors to determine cyber risk exposure, and the role of human-interactive machine learning in orchestrating remediation actions.
Who:
Dr. Srinivas Mukkamala is co-founder and CEO of RiskSense. He has been researching and developing security technologies for over 15 years, working on malware analytics (focuses on medical control systems and non-traditional computing devices), breach exposure management, Web application security, and enterprise risk reduction. Mukkamala was one of the lead researchers for Computational Analysis of Cyber Terrorism against the U.S. (CACTUS). He has been published in over 120 peer-reviewed publications in the areas of information assurance, malware analytics, digital forensics, data mining, and bio-informatics. He has a patent on Intelligent Agents for Distributed Intrusion Detection System and Method of Practicing. Mukkamala received his Bachelor of Engineering in Computer Science and Engineering from the University of Madras, before obtaining his Master of Science and Ph.D. in Computer Science from New Mexico Tech.
November 8th , 2016 
NOTE:
November chapter meeting - CANCELED

Since the date of the chapter meeting for November falls on election day,
the Silicon Valley chapter board members have decided to cancel the
meeting for November. Please remember to vote in our country's elections,
and nominate someone for the chapter's elections in December.
October 11th , 2016 
Bryan Lee from Palo Alto Networks provides insight on the Sofacy group, aka APT28, Fancy Bear, Pawn Storm, etc.
Abstract:
Earlier this June, we published a blog documenting an obscure DLL
sideloading technique in use by a well-known state sponsored group, the
Sofacy group, aka APT28, Fancy Bear, Pawn Storm, etc. We will take an
in-depth look at the analysis Unit 42 performed on that attack, as well as
a freshly discovered attack exhibiting not only ties to the attack in
June, but also an evolution of tactics in what may seem like a cat and
mouse game.

Bryan Lee is a Threat Intelligence Researcher with Unit 42 at Palo Alto
Networks. His areas of expertise are in cyber espionage threats, cyber
security operations, and threat collection. Prior to joining Unit 42 at
Palo Alto Networks, Bryan worked at the NASA Security Operations Center,
first as a real time detection analyst, transitioning into the threat
intelligence team at the NASA SOC, and ultimately moving into leading the
real time detection team. Bryan’s diverse set of experiences provides a
unique perspective on the viability of people, processes and technology
from both an operational and theoretical capacity.
September 20th , 2016 - Social Event
6 PM
Harry's Hofbrau
3900 Saratoga Avenue
San Jose, CA 95129
August 9th , 2016:
Topic: Ransomware, RATs & other Big Trends in Cybersecurity
 Summary: Advanced threats are changing so often it is getting harder and harder to keep up! In addition to new attacks, hackers are reinventing older ones, making it even more difficult to detect. We will discuss at a high-level some of biggest cybersecurity threats happening right now, including:
The Resurgence of Ransomware - Locky and other new cryptolockers;
Malvertising, oh My! - No website is safe from unknowingly spreading malware to visitors
I have RATs - How to defend against Remote Access Trojans stealing your data
BIO:
Nick Bilogorskiy is a founding team member at Cyphort, a next-generation anti-malware startup, and is currently leading threat operations there. He came to Cyphort from Facebook where he was the chief malware expert and a security spokesperson for the company, keeping 1 billion active users safe and secure. Nick is skilled in reverse engineering, analysis, writing patterns and tracking malware, frequently quoted in the media. He recently presented on IOT security at SKBI-BFI conference. He holds a Bachelor of Science degree in computing science and philosophy from Simon Fraser University in Vancouver, Canada, and a GIAC Reverse Engineering Malware (GREM) certification. He holds several patents in computer security.
July 12 , 2016:
Hope the start of your summer has gone well, and you're planning for the annual migration to Vegas for “hacker summer camp” (Bsides Vegas, Black Hat & DEFCON) is also going well. Look forward to seeing you all in Vegas, as well as our upcoming meeting. This month we have Ryan Russell from Phantom providing us insight on their security automation and orchestration platform; as well as Phantom being the chapter sponsor for July.
Title: Phantom
This presentation will introduce the Phantom security automation and orchestration platform, and tell attendees how to get a copy of the free community edition to try out themselves. Ryan will introduce the product itself, including the general problems it's trying to address (enhancing incident responders), basic product UI, and some of the Phantom jargon. The remainder of the presentation will cover use-cases for incident response and forensic investigation. Technology integrations demonstrated will include Splunk, VirusTotal, Shodan, VMware, Volatility, DomainTools, and others. Finally, we will touch on writing code for Phantom in the form of Playbooks and Apps, and then take questions.
Who:
Ryan Russell has worked in the information security field for over 20 years, alternating between the product development and operations teams. He is currently the Director of Technical Operations for Phantom, where he runs the lab with all the products that Phantom talks to. Just prior to Phantom, he was internal incident response for FireEye and ran their public security bug reporting presence. He is also sometimes known for being the lead author and series editor for the Stealing the Network book series from Syngress.
Phantom, an award-winning company, automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger, Phantom provides the flexibility to connect in-house and third-party systems into one consolidated, integrated and extensible platform. Phantom was founded by enterprise security veterans Oliver Friedrichs and Sourabh Satish who have helped propel companies like Symantec, Sourcefire, Cisco and others to success. For more information visit: www.phantom.us.
June 14, 2016:
Title: "Securing the Hastily Formed Network: Infosec for Disaster Relief and Emergency Response"
Abstract:

Effectively responding to modern disasters and humanitarian emergencies
requires a substantial amount of connectivity. Whether for cloud, social
media, GIS, or other critical access, emergency managers increasingly
rely upon Internet access as a key service alongside traditional
emergency and humanitarian response, such as search and rescue and
medical support.

"Hastily Formed Networks" are the networks that are created in the
immediate aftermath of a disaster. While they perform vital services,
most HFN deployments are significantly lacking in security management
and oversight. This talk will discuss HFNs, and the evolution of
security on these networks using examples from Hurricane Katrina to last
year’s Ebola crisis in West Africa and the ongoing Syrian Refugee Crisis
in Europe.

Bio:

Rakesh Bharania is the West Coast lead for Cisco Tactical Operations
(TACOPS) – Cisco’s primary technology response team for disaster relief
and humanitarian assistance. Additionally, he serves as chairman for the
Global VSAT Forum’s (GVF) Cybersecurity Task Force, and is a recognized
leader in the field of satellite security.With TACOPS, Rakesh is
responsible for the design and implementation of secure emergency
networks to support first responders, NGOs, and governments, and also
works to restore critical infrastructure in the midst of disasters.
Rakesh is also a Cisco representative to international forums on
disaster relief and resiliency including the United Nations and FEMA / DHS.

May 10, 2016:
Title: Data-Driven Threat Intelligence: Metrics on IOC Effectiveness and Sharing
 For the past 18 months, Niddel have been collecting threat intelligence indicator data from multiple sources in order to make sense of the ecosystem and try to find a measure of efficiency or quality in these feeds. This initiative culminated in the creation of Combine and TIQ-test, two of the open source projects from MLSec Project. These projects have been improved upon for the last year, and are able to gather and compare data from multiple Threat Intelligence sources on the Internet.
We take this analysis a step further and extract insights form more than 12 months of collected threat intel data to verify the overlap and uniqueness of those sources. If we are able to find enough overlap, there could be a strategy that could put together to acquire an optimal number of feeds, but as Niddel demonstrated on the 2015 Verizon DBIR, that is not the case.
We also gathered aggregated usage information from intelligence sharing communities in order to determine if the added interest and "push" towards sharing is really being followed by the companies and if its adoption is putting us in the right track to close these gaps.
 Join us in a data-driven analysis of over an year of collected Threat Intelligence indicators and their sharing communities!
Alex Pinto is the Chief Data Scientist of Niddel and the lead of MLSec Project. He is currently dedicating his waking hours to the development of machine learning algorithms and data science techniques to automate threat hunting (I know) and the making threat intelligence "actionable" (I know, I know). He has presented the results of his ongoing research at multiple conferences, including Black Hat USA 3 years in a row, demonstrating a fun but informative take on very technical subjects.
He has almost 15 years dedicated to all things defensive information security, and 3 years in Data Science related work. Alex is currently a CISSP-ISSAP, CISA, CISM, and PMP. He was also a PCI-QSA for almost 7 years, but is a mostly ok person in spite of that.
April 12, 2016:
CASB: Cloud Access Security Broker or: how I learned to stop worrying and love the Cloud.
Topics discussed:
- Limitations of Cloud Services Security
- Introduction to CASB
- Types of Cloud Access Security Brokers (CASB)
- How CASBs work
- Open Discussion
Mr. Kyong An has 20 years’ experience in Information Technology and Information Security. He previously worked at Intuit, PricewaterhouseCoopers, and Booz Allen & Hamilton. He has led and deployed several Access Controls and Identity Management implementations across multiple industries, including Entertainment, Consumer Products, Energy and Financial, most recently, a Roles Based Access Control framework to manage UNIX operating system service accounts. Mr. Kyong is currently the Director of Consulting Services at Palerra, Inc., a cloud security company in Santa Clara, CA..
FIDO (Fully Integrated Defense Operation) by Rob Fry from Netflix
Demonstrate the value of Netflix's Open Source initiative FIDO (Fully Integrated Defense Operation) and how it integrates with security tools, networking, and endpoints to secure our corporate network from malicious intrusions.
For information: http://techblog.netflix.com/2015/05/introducing-fido-automated-security.html
Rob Fry is an accomplished architect, inventor and public speaker with 19 years experience primarily in large scale Internet companies and the utility industry. In his current role he specializes in security orchestration and building cloud security solutions. While at Netflix he invented FIDO, a patent pending open source incident response and remediation platform and at Yahoo created the DUBS configuration and automation framework for production servers. In his free time he enjoys working on advisor boards, CABs and engineering steering teams with a passion for helping create products in the cloud and security space by working with venture capitalist to develop stealth and startup companies.
March 8, 2016:
"What's the real risk of mobile to the enterprise? What should you do about it?  Leveraging Behavioral and Predictive Security to Prevent Threats Before they occur."
 
*Proposed Topics *(not necessarily segments, but the topics we will cover)
- The Increasing Need for Mobile Security: outline the shift to mobile and inherent risks faced in the enterprise, reference recent studies, Lookout perspective
- How to prevent threats before they happen - predictive/behavioral approach through big data, protecting enterprise assets and assuring app driven services
- Enterprise Research and Response - insight to the problem statement of identifying threats and then deciding what to do about them.
 
Presenters:
Bharath Rangarajan, VP Product - responsible for Lookout Mobile Security product development related to mobile threat protection and threat intelligence
Mike Murray, VP Research and Response - responsible for threat analysis and response, evaluating the evolving threatscape of mobile, partners with product dev
Chris Tow, Sr Sales Engineer - responsible for customer engagement and helping to define ways to enhance protection of digital assets and bus processess.
February 9, 2016:
Hackers Hiring Hackers—How to Do Things Better
ABSTRACT:
There are few talks that address what some consider to be the hardest part of getting a job in InfoSec: the hiring process. Information security is in desperate need of people with the technical skills hackers have to fill a myriad of roles within organizations across the world. However, both sides of the table are doing horribly when it comes to hiring and interviewing. Organizations are doing poorly trying to communicate expectations for a job, there are people going to interviews without knowing how to showcase their (limited or vast) experience, and some people posture themselves so poorly that the hiring managers don’t think the candidates are really interested in the job. This talk takes the experiences of the speakers as both interviewers & interviewees (as well as from others) in order to help better prepare to enter (or move within) “the industry” as well as hiring managers know what they can do to get the people & experience they need for their teams.
BIO:
Tim O’Brien is Director of Threat Research at Palerra. As a 16-year information security professional, O’Brien is a subject matter expert in risk and incident management, intrusion and data analysis, secure architecture design, and systems management. O’Brien is well versed in developing technical solutions, determining the best options for the business and its goals, and creating comprehensive implementation plans that minimize risk for the organization. His excellent analytical and problem solving skills, with emphasis on understanding relationships among technical problems, result in sound and effective business solutions while reducing risk. He enjoys mentoring others and helping them develop their skills through supervisory positions, coursework development, mentoring, presenting at and helping run information security conferences, as well as instructional positions.
January 12, 2016:
Presenter:    Mr Kyong J An, Director of Professional Services at Palerra, Inc.
Title:    A Practical Deployment: RBAC & Privileged Access Mgmt for UNIX in the Cloud
Abstract:
Extending Privileged Access Management to Cloud-based UNIX servers provides a meaningful opportunity to flex an existing RBAC implementation.
RBAC plays a crucial part in controlling UNIX service account entitlements in an elastic environment. This session will cover a real-world deployment and is relevant if you already have an RBAC framework or are planning a future deployment.
 The attendees will learn how the solution was built and how the RBAC model can be extended to manage off-premise UNIX service accounts. The lessons learned and examples will provide design input into their RBAC framework.
December 8, 2015:
A:    2016 Chapter board election
On site candidates registration and voting; in person only.
B:    Presentation from United States Department of Homeland Security 
Topic: Mobile Security R&D with DHS Science & Technology
Description: DHS S&T's Vincent Sritapan, PM for Mobile Security R&D, will provide an in-depth overview of the current strategy and R&D investments for the Mobile Device Security Program.  Vincent will brief on the challenges in mobile security for the Federal Government and provide insights into current R&D initiatives funded by DHS Science & Technology.
November 10, 2015:
Toward Cybersecurity in Business Terms: Quantifying the Risk in Dollars
Corporate executives know that while cyber risk cannot be eliminated, it can and must be managed so as to minimize impact on the business. But it is difficult to manage a risk that cannot be measured. Unless companies can identify and quantify cyber risks in dollars, they cannot effectively allocate security resources, justify investments, weigh competing priorities, or communicate risk with internal stakeholders or concerned customers.
In January the World Economic Forum and Deloitte proposed a framework for a quantitative, risk-based approach to cybersecurity focusing on asset value at risk. Earlier frameworks, notably the FAIR taxonomy, have also tried to put risk  assessment on a quantitative footing. Like all assessment frameworks, these approaches are based on an exhaustive set of subjective human judgments, and as a result they are laborious and of limited accuracy.
We propose an automated approach using actuarial science and empirical data to quantify risk. Data on rates of occurrence and financial impact of cyber incidents are extracted from industry reports, census data, SEC filings, insurance claims, and other sources, aggregated using Bayesian statistics and combined with automatically measured local IT factors to build a risk profile for an organization. Value at risk can be calculated for both structured and unstructured data assets; for the latter, a statistical approach is used based on department ownership and document access patterns.
Risk can be managed and mitigated strategically when quantified in dollars. Progress can be measured, and hypothetical actions can be modeled and evaluated in terms of risk. Even potential black swan events can be anticipated and managed. With quantitative risk projections companies can plan ahead to minimize impact of the most extreme cyber events.
Speaker:  Thomas Lee, PhD
Thomas is a serial entrepreneur, co-founder and CEO of VivoSecurity Inc. His interest in risk quantification stems from his experience in IT and software development combined with a background in applying novel computational techniques to biological problems. He has a PhD and MS in biophysics from the University of Chicago, a BS in physics and a BS EE from the University of Washington.
October 13, 2015:
The Future of Endpoint Threat Detection, Response & Prevention
Synopsis:
The battleground has changed. Advanced attackers are routinely penetrating perimeter defenses and averting antivirus technologies to successfully launch attacks against endpoints and servers. Compromise is inevitable but a massive data breach doesn’t have to be. The Bit9 + Carbon Black Security Solution is the industry’s first and only integrated Endpoint Threat Prevention, Detection and Response solution. The Bit9 + Carbon Black Security Solution consists of two industry-leading products and the Threat Intelligence Cloud. Independently, each product is a leader in its category. Together, they provide security and risk professionals with the ultimate advanced threat protection solution for Windows, Mac and Linux endpoints and servers. This meeting will explore both solutions to help the audience understand and appreciate Bit9 + Carbon Black’s approach in the context of securing their enterprise environment.
Speaker Bio:
Manoj Khiani, CISSP-ISSAP, is a Senior Systems Engineer with Bit9 + Carbon Black.  He has spent his career in Internet security focused companies over the last 20 years at leading companies such as Netscape, VeriSign, and Check Point.  Mr. Khiani holds a degree in Electrical Engineering from the University of California, Berkeley and has held his CISSP certification since 2001.  He is also a co-founder of the Silicon Valley ISC(2) chapter.
September 8, 2015:
Two part presentation: 
1. Attivo Networks CEO, Tushar Kothari, will discuss a new category of security - "deception" 
2. After Tushar's talk of "deception", Mahendra from the VC group will join him to have a "fire-side" talk about startups in the security field, including startup/funding and team building
August 11, 2015:
This was an "all hands meeting and open discussion".
- board members will share experiences/stories in their field
- discussions about future chapter activities
- members are encouraged to provide input about the chapter or share experiences.
July 14, 2015:
 Software Defined Network (SDN): What is SDN? What are SDN security issues?
As SDN builds momentum to be  implemented in both cloud and in-house environments, it's time for us to know what SDN is and what the potential security risks are for the SDN.

Wen-Pai Lu is our current chapter board member and shared his experiences regarding the SDN during the July 14 chapter monthly meeting.

June 9 2015:
 1. A brief presentation on "DHS Transition to Practice (TTP) program" from Michael Pozmantier, Program Manager
 2. "Managing Security Risks Affecting Robots, Implantable Devices, and Other Disruptive Technologies" By Stephen S. Wu, Attorney at Law
What are the new information security legal challenges in an era of rapid, sweeping change in technology? 
Enterprises face compliance and liability issues from the use of robots, artificial intelligence systems, non-traditional mobile devices......
The talk covers the intersection among legal, business, and technology issues from the development of those disruptive technology and ways enterprise can manage their legal risks.

May 12, 2015 - Henry Yeh, chapter's 2014 president will discuss the topic of "Malware": Polymorphic, Metamorphic malware in the research format--not  focus on how commercial vendors are doing their detection.

Discussion will focus on the detection techniques being researched. Demonstration on how to create a worm, and detection malware using Microsoft tools on Windows OS. 
April 14, 2015 - 1. Cybersecurity startups: The good, bad and the ugly:  Mahendra Ramsinghani will share case studies of a few security startups. (Presentation)
                2. 'Preparing for an Imminent Terabit DDoS Attack’ by Orion Cassetto, Director of Product Marketing at Incapsula
March 10th 2015 - Section 1: "Market trends in IT and Information Security careers" from career advisor's points of view by KFORCE Section 2: "What is FaaS? (not a typo of SaaS)"  by Puneet Thapliyal, Co-founder, Verasynth FaaS 

February 10th 2015 - Kelly Harward, Director of Product Management at Raytheon Cyber Products on Insider Threat - Deconstructing the Insider Threat & Mitigating the Associated Risk
January 13th 2015 - Wen-Pai Lu on Cloud Security: A Different Perspective.
October 14th 2014 - Edward Chang on (ISC)2 Foundation's Safe and Secure Online (SSO) Program
September 9th 2014 - Henry Yeh on Defense Security Service (DSS)
August 12th 2014 - HP Atalla on “Cloud Security Challenges”
July 8th 2014 - Seagate Technology on "Enhancing Enterprise Security with Self-Encrypting Drives" & "Security Awareness Metrics at RekenaarCorp"
June 10th 2014-Pindrop Security on "Phone Channel Fraud and Acoustical Fingerprinting"
May 13th 2014-Cloudflare on "Mitigating DDoS Attacks"
April 8th 2014-Thales e-Security on "Data Protection and Mobile Payments"
March 11th 2014-Hewlett Packard on "The Outsourcing of Application Security"
February 11th 2014-FBI on "Cyber National Investigation"
December 10th, 2013-SANS Top 20 Critical Control
November 12th, 2013-Board Elections and Bear Data Systems
October 8th, 2013-Fortinet
September 10th, 2013-United States Secret Service
July 9th, 2013-Barchie Consulting and Shuh Chang
June 11,2013-Radware (Presentation)
May 14th, 2013-Cisco
April 9th, 2013-Tripwire

Feb 12th 2013-Thales Security

Comments