Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-November 2nd!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-november-2nd-meeting-tickets-28454632572

Monthly Meetings:

  • When: Wednesday, November 2nd, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: NOVEMBER MEETING ONLY:  Burns & McDonnell’s newly constructed building
  • Address: 9450 Ward Parkway, Kansas City, MO 64114
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.

Next Month Meeting Details:

  • Topic:  Information Sharing
  • Sponsor (food & drink):  Sophos
  • Facilitator:  Alan Fairless co-founder & CEO at SpiderOak

Description: 

Alan Fairless is a security reviewer, practical cryptographer, and the founder/CEO of KC based SpiderOak: a company praised by NSA leaker Edward Snowden for their approach to encryption and key management.  He has written over 1m lines of code.

In 2013 Alan reported an authentication bypass vulnerability in py-bcrypt, an open source security module written by a security engineer at Google. In 2014 Alan disclosed multiple remote root exploits in the Ansible automation system purchased by RedHat.

Alan uses a dvorak keyboard and delivers an above average moonwalk.

SpiderOak is offering a demo of their latest product to check out and ask questions about:  https://spideroak.com/isc2kc

Outcomes/Take-Aways:

  •  Know and deploy best practices for transport encryption (i.e. websites, email servers, and other public systems!)  90+% of inspected KC companies have not done this effectively, and it’s easy to get right!  Effective deployment reduces risk of a compromise and limits damage during a compromise.
  •  Effectively use Full Disk Encryption: understand capabilities and limitations of the technology, specific tools, settings, and policy for humans.
  •  Learn which large vendor’s messaging system has an admirable crypto design, and which heavily promoted encryption standard you are better off to ignore.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

Advertisements

About -Durk-

I am a first and foremost a dedicated follower of Christ. I am a dad. I am an extrovert, a techie geek, an info security expert-in-training, and a wannabe entrepreneur.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s