Upload
vuque
View
220
Download
2
Embed Size (px)
Citation preview
ISSA Baltimore Chapter
Monthly Meeting
February 25, 2015
ISSA-Baltimore Sponsors:
Interset!, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Board of Directors Bill Smith, CISSP, GSNA, CEH, GPEN, GCFA, GCFE -
President
Sidney Spunt, CISSP - VP Operations
Kevin Drury – Secretary
Carol Klessig, CISSP - VP Professional Development
Rod Zwainz, CISSP, PMP - VP Education
Phil Rogofsky, CISSP, Network+, CPA – Treasurer
Steve Chan, CISSP, PMP – VP Membership
Dennis Dworkowski, CISSP-ISSEP – VP Outreach
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Baltimore Chapter Sponsors
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Agenda / Announcements
Welcome to Parsons, 7110 Samuel Morse Drive, Suite 200 Columbia, Maryland 21046 Non-U.S. Citizen Requirements
Any guests or new members in attendance?
(ISC)2 CPE Submissions – Individual Responsibility
New CISSP and SSCP Domains
Chapter Strategic Plan
New Member Promotion
CISSP Chapter Badges / Shirts and Jackets with ISSA-Baltimore Logo
CISSP Study Group Spring 2015 – February 24 thru May 19, 2015
New Location: Phoenix TS
Amazon Affiliates program
LinkedIn Group
Facebook Page – “ISSA-Baltimore Chapter”
Future Meeting schedule
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
New Members
Since January Meeting
278 Total Members
Aaron Caruso
Kevin Clark
Shane Jager
Aaron Levi
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Ryan Paal
Thomas Pena
Will Unkart
Alexander Vining
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
What? You didn't know Computers Control you?
/ ICS and SCADA 2-Hour Live Event: Monday, March 2, 2015
Start Time: 9:00 a.m. US-Pacific/ 12:00 p.m. US-Eastern/
5:00 p.m. London
Brought to you exclusively by ISSA.
REGISTER NOW
Join the conversation! #ISSAWebConf
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Opening Doors for Women in the Information Security Field
1-Hour Live Event: Monday, April 6, 2015
Start Time: 1:00 a.m. US-Pacific/ 4:00 p.m. US-Eastern/ 9:00 p.m. London
Brought to you exclusively by the ISSA Women in Security SIG.
REGISTER NOW
Join the conversation! #ISSAWISSIG
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
CISSP Domains, Effective April 15, 2015 •Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business
Continuity)
•Asset Security (Protecting Security of Assets)
•Security Engineering (Engineering and Management of Security)
•Communications and Network Security (Designing and Protecting Network Security)
•Identity and Access Management (Controlling Access and Managing Identity)
•Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
•Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster
Recovery)
•Software Development Security (Understanding, Applying, and Enforcing Software Security)
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Systems Security Certified Practitioner (SSCP)
Domains,
Effective April 15, 2015
* Access Controls * Cryptography
* Security Operations and Administration * Networks and Communications Security
* Risk Identification, Monitoring, and Analysis * Systems and Application Security
* Incident Response and Recovery
* The SSCP indicates a practitioner’s technical ability to tackle the operational demands and
responsibilities of security practitioners, including authentication, security testing, intrusion
detection/prevention, incident response and recovery, attacks and countermeasures, cryptography,
malicious code countermeasures, and more.
Chapter Strategic Plan
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Vision - To be the community of choice for international cybersecurity
professionals dedicated to advancing individual growth, managing
technology risk and protecting critical information and infrastructure
Mission - ISSA is a not-for-profit, international organization of
information security professionals and practitioners. It provides
educational forums, publications, and peer interaction opportunities
that enhance the knowledge, skill, and professional growth of its
members
Change to the Chapter By-laws
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
ARTICLE I: Name
Current:
The name of this organization shall be the Baltimore Metropolitan
Chapter, Information Systems Security Association, Inc., (ISSA)
hereafter referred to as the "Chapter".
Change:
The name of this organization shall be the Central Maryland
Chapter of the Information Systems Security Association, Inc., (ISSA)
hereafter referred to as the "Chapter".
Chapter Strategic Plan-Core Values
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Collaboration - We believe that working together toward a common goal is
essential to the success of the association.
Knowledge Sharing - We encourage knowledge sharing as a result of our belief
that all of us are smarter and more productive than any one of us.
Leadership - We inspire each other to achieve and grow through a shared vision
and passion to excel.
Professional Development - We support the development of our people,
association and profession through positive relationships, dynamic synergies and
innovative growth opportunities.
Innovation - We search for new avenues to improve the Cybersecurity community,
ISSA International and our Chapter
Chapter Strategic Plan-Goals and Strategies
• Goal I:Expand Chapter Influence outside of Howard County Area
• Change chapter name to ISSA of Central Maryland
• Reach out to security companies outside Howard County
• Join and be active the Chesapeake region Tech Council
• Objective 2: Increase Benefit to Members
• Seek out more varied speakers for chapter meetings.
• Develop relationship with other organizations such as other ISSA Chapters, IIA, IEEE Baltimore, and ISACA.
• Create relationships with educational organizations to provide more costs training opportunities such as Phoenix
• Poll members to see what they what additional opportunities they would like the Chapter to pursue.
• Goal 3:Improve Relationship with Companies/Sponsors
• Create Corporate Ambassadors where members represent the Chapter to their employees,
• Start monthly communication/e-mail newsletter to Sponsors
• Host on-site Meet and Greet Events at Large Companies.
• Poll Sponsors to determine what they would like out of Sponsorship.
• Goal 4-Promote Chapter's Identity
• Increase STEM involvement and participation events such in the HoCo STEM Festival.
• Increase involvement in local security events such as CyberMarylandConference;.
• Increase involvement with Howard Tech Council
• Increase support to our Student Chapter at UMBC and explore creating additional student chapters.
13 ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
New Member Promotion
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Rules:
1. Promotion begins August 1, 2014
2. New member must identify referring member when joining
3. $25.00 Amazon Gift Card awarded to referring member
4. Referring member’s registration must be current
5. Awards will be presented at monthly Chapter meeting
6. Program will run through December 31, 2015 and be re-
evaluated by the board after that time
7. Board of Directors not eligible to participate
New Member Promotion
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Congratulations - $25.00 Amazon Gift Card winners:
Chris Ambrose
John Barker
Chuck Dickens
Charles Dickert
Devin Elmore *
Ivan Gordon
Monique Mitchner *
Matt Morris
Nick Rapp
Katelin Rowley
Oliver Thomas *
Rod Zwainz *
17 Feb 15 Kickoff for CISSP
24 Feb 15 Information Security Governance & Risk Management
3 Mar 15 Security Architecture & Design
10 Mar 15 Access Control
17 Mar 15 Operations Security
24 Mar 15 Cryptography Part 1
31 Mar 15 Cryptography Part 2
7 Apr 15 Physical & Environmental Security
14 Apr 15 Software Development Security
21 Apr 15 Business Continuity & Disaster Recovery
28 Apr 15 Telecommunications & Network Security Part 1
5 May 15 Telecommunications & Network Security Part 2
12 May 15 Legal, Regulations, Investigations and Compliance
19 May 15 Practice Exam / Review
ISSA-Baltimore CISSP Study Group
Fall 2015 Schedule
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Phoenix TS, 10420 Little Patuxent Parkway, Suite 500, Columbia, MD 21044
The ISSA Baltimore Chapter is organizing a networking visit and tour
of the Jailbreak Brewery in March 21, 2014, 3:00 PM – 5:00 PM
Cost $10.00 per person
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Jailbreak Brewing Company
9445 Washington Blvd N
Laurel, MD 20723
(443) 345-9699
http://www.jailbreakbrewing.com
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Our New
Chapter Blog !!
As 2015 is now underway, we wanted to provide you with a list of potential networking and
volunteering opportunities tentatively scheduled for this year. We are always looking for members
to assist with various outreach and chapter activities that need to be completed. You may be
asking yourself, what is in it for me? Listed below are several benefits for volunteering your time
to help the Baltimore ISSA chapter out.
Volunteering provides a chance to learn new skills. Carol Klessig is learning to create a unique
hash tag this weekend. Learning about social media (Twitter) may help Carol add to her resume.
Please email Carol at [email protected] If you would like to be
considered for the new position known as Director of Publicity.
Helping others learn and encouraging our youth feels great. Rewards are not always monetary.
Encouraging a student can be your chance to pay it forward. This is especially beneficial for
recent graduates or new members in the security field.
Camaraderie. Social outings like our field trips can be a chance to form a new friendship with
others in the IT field.
CPE's. Working for the club can generate CPE's that can be used to maintain your certifications.
Currently, we need our website updated and possibly redesigned. Does anyone have a
experience in web design that could assist us with updating or redesigning our current website?
You can volunteer for just a single event or on a regular basis. A variety of items exist that we
could use assistance with. These items include writing a blog article, greeting members at the
door or assisting with the setup/cleanup at chapter meetings. If you see a position aching to be
filled, talk to one of the board members.
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
2015 Meetings and Events
Date Speaker Organization Topic
January 28, 2015 Kathy Worgul Carroll County Business & Employment
Resource Center
How Can LinkedIn Assist in Career
Advancement
February 9, 2015 Lori Harmon Women In Security SIG Webinar The Art of the Ask: How to Ask for – and Get
– What You Want in Your Career
February 25, 2015 Robert K. Gardner New World Technology Partners Cyber Risk, Thru the Shareholder Lens
March 25, 2015 Rhonda Ferrell CyberSecurity & Your Professional Life: A
Value-Add Approach
April 15, 2015 Mid-Atlantic ISSA Security Conference,
NIST, Gaithersburg, MD
April 22, 2015 Anthony
Teelucksingh
United States Department of Justice
May 20, 2015 Brian E. Dykstra Atlantic Data Forensics, Inc.
October 12 – 13 ISSA International Conference
Chicago Illinois
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
March 25, 2015 Speaker
Rhonda Farrell
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Rhonda Farrell is an Associate with Booz Allen Hamilton, primarily focusing on enterprise life-cycle
activities as they relate to cybersecurity and quality. Her prior career experience was within
operations, engineering, and security functional areas of Fortune 500 companies throughout Silicon
Valley, CA. as well as with the US Marine Corps at Quantico, VA.
She is a veteran committee member and leader within IEEE Northern Virginia, ISSA International
(WIS SIG and Board of Directors), ISSA-NOVA, and ASQ 509 where she has worked on initiatives
which provide member value, increase opportunities for professional development, stimulate growth,
and enable realization of strategic partnering opportunities. She brings to the leadership teams --
enthusiasm, a strong work ethic, commitment to organizational principles, a deep technical
background, sound management capabilities with a solid grounding in quality best practices.
March 25, 2015 Topic
CyberSecurity & Your Professional Life:
A Value-Add Approach
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
Cybersecurity is a high growth field, but an inexact science -- an
amalgamation, if you will, of theories, principles, and best practices pulled
from the realms of quality, performance excellence, and change
management. Explore how these bodies of knowledge can be more
effectively intertwined to craft a solid roadmap using a ‘value-add approach’
which guides both your customer solutions as well as your own career.
February 25, 2015 Speaker
Robert K. Gardner
New World Technology Partners Mr. Gardner formed New World Technology Partners (NWTP.net) in 1977 to incubate and promote advanced technologies and new
ventures with business potential and national/public policy implications. His efforts focused upon High Performance Computing and
Cyber Risk technologies directed primarily to National Security, Energy, Healthcare and Financial Services applications.
•He introduced and promoted intellectual property and launched new business units – for 3rd parties and the NWTP portfolio,
including August Systems, Verdix, Meiko Scientific, Cryptek, Phoenix Numeric and Probity Labs.
•Under whose auspices he also produces training workshops, speaking engagements, articles & blogs and congressional
testimony on the Impact of Cyber Risk – with and for Government Agencies, marquee trade associations, NGOs and
Academic Institutions.
He currently writes, speaks and mentors on the Enterprise impact of Cyber Risk and has prepared briefings and testimony for the
U.S. House of Representatives, Senate committees and industry forums.
Mr. Gardner has a BSEE from Rensselaer Polytechnic Institute and studied graduate system engineering and business
administration at Penn State and the University of Santa Clara respectively.
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
February 25, 2015 Topic
Cyber Risk, Thru the Shareholder Lens
ISSA-Baltimore Sponsors:
Interset, CyberCore Technologies, Phoenix TS,
Microsoft Trustworthy Computing, Parsons, Tenable Network Security, Websense
The rapid rise in the frequency and sophistication of cyber threats presents an enterprise risk issue that demands
more attention from the officers and directors charged with the stewardship of shareholders’ interests. Corporate
enterprise assets, often in digital form (such as funds, intellectual property, etc.) or executed by digital activity
(transactions, trading algorithms), are threatened by exploitable vulnerabilities and systemic risks. Shareholder
value, which is affected by multiple factors in price/earnings that can be tied to reputation, brand integrity, and legal
and regulatory exposure, is also subject to the severe impacts of cyber incidents. We have seen how swiftly an
event or paradigm shift can take a toll on shareholder value. As a Deloitte report, “Disarming the Value Killers: A
Risk Management Study,” notes, “Almost 50% of Global 1000 companies lost 20% or more in share price in less
than a month during the past 10 years—some never recovered. Most major losses were as a result of a series of
high-impact but low-likelihood events.” To address the risk of cyber attacks ranging from nuisance to catastrophic
and all points in between, corporate executives need to quantify the consequences of risk scenarios. But first,
leaders must understand how their enterprise operates in today’s cyberspace.