(ISC)² KC Chapter: September 7th Meeting

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-September 7th!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-september-7th-meeting-tickets-27263009395

Monthly Meetings:

  • When: Wednesday, September 7th, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: Ruisch Auditorium at Black & Veatch 
  • Address: 11401 Lamar Ave., Overland Park, KS 66211 map
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.

Next Month Meeting Details:

  • Topic:  DNS Security.
  • Sponsor (food & drink):  Radware
  • Facilitator:  Jamison Uttter

Description: 

Jamison Utter will provide education on how DNS, a critical network service is being abused today, the potential impact to that abuse and real world examples for safeguarding DNS.

 

Jamison is the field facing security consultant for Infoblox, meeting daily with security professionals to understand and uncover their DNS vulnerabilities.   A 15-year veteran of frontline hands on, technology positions all within the Internet and Security crossroads. With broad experience from Hallmark.com, Sprint (ION), SUN Microsystems, and the Midwest ACH Exchange (UMB), Jamison brings a unique view of security as both a practitioner and consultant.  He currently resides outside of Denver with his wife and dog and enjoys the outdoors, playing guitar, and full contact armored fighting.
Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

(ISC)² KC Chapter: August Announcements

August’s chapter meeting was another great discussion.  Information, CPU and business is moving to the cloud!  Do you have a cloud strategy/governance policy?  If not you need one; for your organization and those you partner with.  If you do, is there room for improvements?  Agility, flexibility and efficiency isn’t just for the cloud, it should also be built in to your security strategy and policy as well.  A big thanks to Gil Friedirch who facilitated the discussion around cloud security and CASB.  Also thanks to Andy Duewel & Rich Fortman and the folks from SecureAuth for sponsoring our meeting and providing food and beverages for the evening.

Resources to continue the discussion and learning:

Announcements:

  • CPEs-If you hold an (ISC)2 certification, our chapter meetings are worth 2 CPEs.  The Chapter will submit the CPEs for you!  You have to sign in, provide your correct certification number and allow a few weeks for the CPE’s to be submitted and recorded.
  • Membership Reminder
    • Attend once in a 6 month period to retain membership status.
    • Membership is free thanks to our monthly sponsors.
    • Our round-table discussion is what sets us apart from other local infosec meetups.
  • Our Chapter now has tax-exempt status!  That’s right, thanks to Yoram & Britney for filing the proper paperwork.  It took less than 2 weeks!  Donations are now tax-exempt.
  • Safe & Secure Online – Our chapter is embracing the SSO program and encouraging members to participate.  We are looking for volunteers to take the lead to help organize and grow this program for our chapter.  Safe & Secure Online was created by the Center for Cyber Safety and Education and the members of (ISC)² to teach everyone how to become more responsible digital citizens. (ISC)² is the world’s premier cybersecurity certification organization.
    • Open to anyone-you do not have to hold an (ISC)² certification!
    • Pre-made presentations at the elementary, middle school, parent and senior citizen levels that YOU can give in our community schools, youth groups, retirement and assisted living facilities.
    • More information at safeandsecureonline.org/
  • Study Groups:
    • CISSP
      • (ISC)² recently released a new CISSP app based on the bestselling Sybex study guide
      • Contact:  Mark Waugh (waugh.mark.r@gmail.com)
    • CCSP
  • Networking

(ISC)² KC Chapter: August 3rd Meeting

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-August 3rd!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:
https://www.eventbrite.com/e/isc2-kc-chapter-august-3rd-meeting-tickets-26752164444

Chapter Monthly Meeting Details

  • When: Wednesday, August 3rd, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: Ruisch Auditorium at Black & Veatch
  • Address: 11401 Lamar Ave., Overland Park, KS 66211 map
  • Format: Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.

NEXT MONTH’S MEETING

  • Topic: Cloud Security (including cloud access security brokers-CASB)
  • Sponsor (food & drink): Andy Duewel & Rich Fortman with SecureAuth (Thanks!)
  • Facilitator: Gil Friedirch, Avanan’s CEO
  • Description:

Gil Friedirch, Avanan’s CEO, has spent the last 16 years in IT-Security and was part of several innovative technologies in Intrusion Prevention Systems, Network Access Control and most recently Cloud Security. Prior to Avanan, Gil was ForeScout’s VP R&D and VP Technology, where he led the company’s development of signatureless IPS, and then led the company’s change to Network Access Control. ForeScout NAC is considered by all market analysts and most major customer as the best solution in that market. While at ForeScout, Gil heard from his former customers their move to the cloud and their need to implement the leading data center solutions for where their servers were moving to – SaaS and IaaS. This was the driver and mission to start Avanan.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

(ISC)² KC Chapter: July 7th Meeting

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-July 6th!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-july-6th-meeting-tickets-25791545

Chapter Monthly Meeting Details:

  • When: Wednesday, July 6th, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: Ruisch Auditorium at Black & Veatch 
  • Address: 11401 Lamar Ave., Overland Park, KS 66211 map
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.

NEXT MONTH’S MEETING:

  • Topic:  Mobile Security
  • Facilitator:  John Britton with VMware

Description: 
John Britton is currently the director product security, End-User Computing (EUC), for VMware. With over 15 years of engineering, product marketing and sales management experience, John is an expert in a broad spectrum of technology specialties, including security, mobility, messaging and supply chain management.
He is a frequent expert speaker at industry circuits on mobile security and device management, consumerization of IT and bring-your-own-device (BYOD) topics. He has also consulted and helped architect many of Fortune 500 companies’ mobile security infrastructures.

Prior to VMware, he held in thought-leadership roles at Good Technology, mFoundry and Credent Technologies.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

 Directions to our **NEW** meeting location:  map

  1. Take exit 79 off of I-435 & Metcalf Ave. in Overland Park, KS.
    2.  Go south on Metcalf Ave.
    to College BLVD.
    3.  Turn east (left) onto College BLVD. to Lamar Ave.
    4.  Turn south (right) onto Lamar Ave.  Black & Veatch will be a block down on the left (east).
    5.  Find the front entrance to the south, right across from the Sprint Campus (off of 115th St.).
    6.  Locate the front entrance-it looks like an atrium-it is glass with grass on the roof.

(ISC)² KC Chapter: NEW MEETING LOCATION!

We are pleased to announce our new meeting location at Black & Veatch located at 115th St. & Lamar Ave. in Overland Park, KS.  Our next meeting will be held at the Black & Veatch building located right across from the Sprint campus with entrances on 115th & Lamar.

Where: Black & Veatch Auditorium
Address:  11401 Lamar Ave., Overland Park, KS 66211

Even though the location is changing, our round-table discussion, professional networking and free food & refreshments will not change.  Our meting will still begin at 6:30 and end at 8:30.  And we will still meet the first Wednesday of every month.

Details for the next the next (ISC)² Kansas City Chapter Meeting will be posted in the next week or two.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

Directions to our new meeting location:

1.  Take exit 79 off of I-435 & Metcalf Ave. in Overland Park, KS.
2.  Go south on Metcalf Ave. to College BLVD.
3.  Turn east (left) onto College BLVD. to Lamar Ave.
4.  Turn south (right) onto Lamar Ave.  Black & Veatch will be a block down on the left (east).
5.  Find the front entrance to the south, right across from the Sprint Campus (off of 115th St.).
6.  Locate the front entrance-it looks like an atrium-it is glass with grass on the roof.

(ISC)² KC Chapter: May 4th Meeting

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-May 4th!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-may-4th-meeting-tickets-24821996259

Chapter Meeting Details:

  • When: Wednesday, May 4th, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: THE CAVES!  Cavern Technologies Phase 4
  • Address: 17501 W 98th St #856, Lenexa, Kansas 66219
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.
  • Topic: What Apple and the FBI Can Teach Us About Compliance
  • Description:  From high-profile clashes with the FBI to standardizing transatlantic data transfers, the conversation about privacy compliance continues to make the headlines. These debates allow us to open the door for reexamination of how modern day security and privacy compliance should be shaped.While current measures largely focus on a decade-old notion of protecting devices (i.e., desktops, laptops, servers, mobile) and networks (i.e., SSL, TLS), this mindset doesn’t align with today’s computing model where data continually transfers from devices and networks, constantly shifting ownership at the same time.

    So, how do you make sure your organization is securing the data itself, not just the device? CTO of PKWARE, Joe Sturonas, will build upon his 25 years of experience and present attendees with:

    • The latest privacy techniques to secure information at the source
    • Sensible ways go beyond compliance for easy information sharing between the right people
    • Actionable takeaways on how to identify where methods can be improved, demonstrating through case studies  where data breaches could have been avoided


    Joe Sturonas, a 25-year veteran of the commercial software industry, is responsible for product development at PKWARE, including software engineering, documentation, quality assurance and technical support. Joe has exuberantly worked with companies and government entities on overcoming the biggest organizational challenge of our time: protecting information. At nine of the top 10 global banks and with 200 government agencies, Joe has helped find extensive solutions when it comes to encryption, compliance, data security and data center optimization. He holds a BS degree from Miami University and an MS degree in Artificial Intelligence from DePaul University.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.


(ISC)² KC Chapter: April 6th Meeting

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-April 6th!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-april-6th-meeting-tickets-24256145785

Chapter Meeting Details:

  • When: Wednesday, April 6th, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: THE CAVES!  Cavern Technologies Phase 4
  • Address: 17501 W 98th St #856, Lenexa, Kansas 66219
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.
  • Topic: Security and Risk executives face a stream of constant challenges from multiple vectors.  Making sense of how to respond to the various challenges can become a confusing and unmanageable nightmare.  In this session, Scott will address his top ten list for what keeps the CISO up at night, what some experts predict, and some practical requirements for finding the right enabling technology.

    • Scott Ferguson leads the global Risk and Security Consulting Practice for ServiceNow.   Previously he was a Governance, Risk, and Compliance Consultant providing guidance to organizations implementing technologies for adhering to regulations, standards, and security frameworks.  Prior to his time as a vendor, he spent over 18 years as a practitioner.  His primary focus was on Business Continuity, Capacity Planning, Change Management, Service Management, enabling technologies, and a Control Framework.  His experience spans multiple industries, including, financial, insurance, technology, and consumer products.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

(ISC)² KC Chapter: March 2nd Meeting

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-March 2nd!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-march-2nd-meeting-tickets-22276941933

Chapter Meeting Details:

  • When: Wednesday, March 2nd, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: THE CAVES!  Cavern Technologies Phase 4
  • Address: 17501 W 98th St #856, Lenexa, Kansas 66219
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.
  • Topic: Network security has evolved from the traditional “perimeter” firewalls, IDS/IPS, and static ACLs into mobile- or data-centric models that decentralize the security stack and place heavy emphasis on endpoint security. However, large-scale data breaches still continue their upward track (over 139 million PII/PHI records compromised in just the top 3 events from 2015) so what’s a security professional to do?  Don’t neglect the common denominator in the vast majority of attacks:  the network!  Join representatives from network security specialists Lancope/Cisco and Damballa as we talk about network-based detection and mitigation of advanced threats in your environment.
    • Terry Olaes is a senior Sales Engineer at Damballa, a network security company focused on detection of advanced threats in your environment. Prior to Damballa, Terry was the focal for a security incident at a major retailer that resulted in a trip to Capitol Hill, articles with Brian Krebs, and other unwanted attention.  Terry lives in NW Fort Worth, TX and relaxes by gaming and letting his kids climb all over him.
    • Brett Nelson is a 20-year veteran of the Information Security industry, holding engineering roles at Secure Computing, Ernst & Young, Juniper Networks, and Cisco Systems working with some of the largest enterprises in the world. Brett is a Consulting Systems Engineer in Cisco Systems Advanced Threat Solutions group. Cisco recently acquired Lancope where Brett was advising organizations on emerging internal security methodologies and Network Behavioral Anomaly Detection.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

(ISC)² KC Chapter: February 3rd Meeting

As mentioned in our January chapter membership meeting, we are announcing a malware contest!  And there has been a lot of excitement from membership as well as vendors.

February’s chapter membership meeting will give vendors a chance to focus on advanced endpoint protection and reviewing different methods for defending against malware attacks.

March’s chapter membership meeting will focus on implementing what we have learned!  This is when we will have the BYO Malware contest.  More detals and guidelines are below (down a bit).

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-February 3rd!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-february-3rd-meeting-tickets-21059380173


Chapter Meeting Details:

  • When: Wednesday, February 3rd, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: THE CAVES!  Cavern Technologies Phase 4
  • Address: 17501 W 98th St #856, Lenexa, Kansas 66219
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.
  • Topic: Advanced Endpoint Protection – Reviewing different methods for defending against attacks
  • Heuristic based (HIPS) – RSA ECAT
  • Application Control (Whitelist / Blacklist) –  Bit9
  • Dynamic Analysis (sandbox, isolation) – Cisco AMP
  • Anti-Exploit –  Palo Alto Traps

The table below outlines multiple defense types. The table was created by Walt Powell from Optiv (Thanks Walt!).

Heuristic based (HIPS)

Solutions that utilize behavioral base lining and learn suspicious file characteristics. common heuristic/behavioral scanning techniques include: File Emulation, File Analysis, Genetic detection, Fingerprinting

Application Control (Whitelist / Blacklist)

Solutions that use whitelisting and blacklisting approaches to restrict application execution. Whitelists use a default-deny, if an application is not explicitly approved it will not run. Blacklists are the opposite, known bad executables are restricted. 

Dynamic Analysis (sandbox, isolation)

Solutions that separate one or more environments or executing processes such that exploitation of a process will not affect the system as a whole. Designed to isolate entire systems, web browsers, the MS Office Suite and document readers.

Anti-Exploit

Solutions that increase the difficulty of obtaining programmatic control of a system. Anti-exploitation solutions prevent malware from acting on vulnerabilities in software.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

 

Bring Your Own Malware Contest & Guidelines (March Chapter Meeting)

 

We are inviting several endpoint protection vendors to come prepared with their systems to protect their endpoints from your malware.

Here are the rules (so far, we reserve the right to tweak them if need be):

-Vendors will arrive early to set up their Windows 7 Enterprise machines.
-Each participant will be given a few minutes per machine to:
—Plug in a USB drive
—Navigate Windows Explorer with the sole purpose to
—Execute their malware .exe file.
—Let the malware program run.
—Unplug their USB drive
—There will be no Internet access

The Windows 7 Enterprise image will include:

-MS Office
-Java
-Adobe

We do want your input! First we would like to know if you plan to participate, please email me (derinbeechner@gmail.com) if you plan to bring a USB drive with your malware. We are hoping a good number of you will participate! And we would also like to know what, if any, other programs you would like included in the Windows 7 image.

 

(ISC)² KC Chapter: January 6th Meeting

Hope you had a relaxing, restful and happy Holiday vacation.  This invite is going out just a few days before our event.  I figured it might get lost in all of the holidays.  Our next chapter meeting is THIS WEDNESDAY!  So register now.

Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-January 6th!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

https://www.eventbrite.com/e/isc2-kc-chapter-january-6th-meeting-tickets-20300125221 

Chapter Meeting Details:

  • When: Wednesday, January 6th, 2016 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: THE CAVES!  Cavern Technologies Phase 4
  • Address: 17501 W 98th St #856, Lenexa, Kansas 66219
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.
  • Topic: Incident Response:  “You’ve been breached! Now What?”

    • Terry’s Awesome Story and his Lessons Learned
    • Part 3 of 3
      • Part 1 – Details of a real world breach and why you need trusted partner
      • Part 2 – Forensic Analysis
      • –>Part 3 –  Remediation
    • Goal:  A motivated adversary will get in, which is why defense in depth always requires response.  You must be able to go back in time to find out how the attack started, where it went and what it did; and you must have the right tools to contain the damage and gather data for the investigation.

Facilitators:

  • Terry Olaes is a senior Sales Engineer at Damballa, a network security company focused on detection of advanced threats in your environment. Prior to Damballa, Terry was the focal for a security incident at a major retailer that resulted in a trip to Capitol Hill, articles with Brian Krebs, and other unwanted attention.  Terry lives in NW Fort Worth, TX and relaxes by gaming and letting his kids climb all over him.
  • Danny Guillory is a Premier Field Engineer at Microsoft. He has specialized in Configuration Manager & Automation since SMS 2003.  His experience includes systems administration, disaster recovery planning, and time as an infantrymen in the United States Army.
  • Randy Stone, a Principal Consultant on the Dell SecureWorks Incident Response team, trains organizations to prepare for computer incidents and provides on-site assistance to manage incidents that have already occurred.  In his prior 23-year career as a police detective, he spent 12 years conducting computer forensic examinations for hundreds of cases, including those involving serial killers, child exploitation, cyber stalking and financial crimes.  Randy has testified in federal and state courts as a fact witness and as an expert witness, and has received awards from the FBI and the High Technology Crime Investigation Association for his computer forensic investigations.

Take-Aways:

  • From Terry:  In this series, I want you to ensure that you are armed with the right knowledge that will positively impact the recovery from a security incident resulting in a breach.  In this first session, we will talk about the importance of being proactive in defining a trusted partner to assist you with investigation and other aspects of an incident.  From establishing client privilege to providing impartial situation reports to unbiased remediation recommendations, this external partner can mean the difference between survive and thrive for you personally and professionally.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.