Author Archives: isc2westmich

Update on future meetings

Hello all;

The (ISC)2 West Michigan Chapter board of directors has made the decision to cancel our April and May meetings in light of the “stay home, stay safe” mandate in the state of Michigan and anticipated ongoing COVID-19 concerns stretching into May.

We will observe our normal summer break in June, July and August which means our next scheduled meeting will be Wednesday, September 2, 2020. As we get closer to September we will send out the normal announcement and RSVP link. We wish all of our members health, safety and (cyber)security as we navigate through these times.

Sincerely,
Jon, Dave, Patti, Stormy and Ben

March, 2020 Chapter Meeting

Our March chapter meeting is on Wednesday, March 4, 2020 at 5:45PM. Please RSVP if you plan on attending!

Open Source SIEM

Abstract: The Gordon Food Server Enterprise Information Security team chose to adopt an open source approach to security monitoring. After analysis, we decided to implement an Elastic Stack environment in preference over a commercial SIEM. This talk will discuss where we started, what we were looking to accomplish, why we chose the Elastic Stack. We will discuss adoption, budget, resource requirements, lessons learned to implement the solution and where we are taking our implementation in the future.

Speaker Biography: Paul Dumbleton is the Enterprise Information Security Team Manager at Gordon Food Service

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

February, 2020 Chapter Meeting

Our November chapter meeting is on Wednesday, February 5, 2020 at 5:45PM. Please RSVP if you plan on attending!

Is poor cyber hygiene crippling your security program?

Abstract: Don’t expect a whole lot from your expensive new security tools unless you first master the basics. Time and again in 2019, responders and security analysts saw threat actors exploit basic security gaps to circumvent expensive security stacks. Join Marcelle Lee and Allison Wikoff, both Senior Security Researchers from Secureworks’ Counter Threat Unit™ Research team for an overview of the cyber threat landscape. Topics covered will include: Lessons learned from Secureworks incident response practice, eCrime threat landscape, and targeted threat landscape (with a focus on Iran)

The new Secureworks Incident Response Insights Report 2019 shows how organizations are undermining their security programs by leaving gaps in security fundamentals that gift easy opportunities to threat actors. As a result, the adversaries gravitated toward known successful tactics and needed only moderate evolution to achieve success. Use of native tools and other living off the land techniques helped them evade detection. Frustratingly, many of the gaps our team saw can be effectively addressed with measures like multi-factor authentication.

The report examines the methods threat actors used to gain access and provides advice on prioritizing your efforts to protect against present day threats. You’ll also learn the 5 most common misconceptions our incident response team hear from organizations with large blind spots.

Speaker Biography: Marcelle Lee and Allison Wikoff, both Senior Security Researchers from Secureworks’ Counter Threat Unit™ Research team

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

December, 2019 Chapter Meeting

Our November chapter meeting is on Wednesday, December 4, 2019 at 5:45PM. Please RSVP if you plan on attending!

Preparing For The Future Of Privacy Laws and Consumer Expectations

Abstract: We will discuss privacy law and intellectual property law. Amanda will present some specific ways in which businesses can work to comply with global privacy laws as well as prepare for the future of privacy laws and consumer expectations. She will also talk briefly about Trademarks, Patents, and Copyright and what businesses should do to safeguard intellectual property. Amanda will be available for discussion and questions.

Speaker Biography: Amanda is a Bilingual (Spanish) attorney with experience in Intellectual Property, Privacy, corporate transactional, and civil litigation matters. Amanda’s practice includes counseling clients on trademark, copyright, data privacy and security, contracts, licensing, technology and internet law. Amanda works with clients all over the world and handles sensitive business matters including brand protection, IP infringement, e-commerce matters, Amazon seller disputes, data privacy, data breach response, complicated business contracts, and high dollar Asset Purchase Agreements, etc.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

November, 2019 Chapter Meeting

Our November chapter meeting is on Wednesday, November 6, 2019 at 5:45PM. Please RSVP if you plan on attending!

Cyber Crime Update from the FBI

Abstract: Donald W. Whitt from the FBI Cyber division will be providing a current state of affairs in the battle against cyber crime.

Speaker Biography: Agent Donald W. Whitt is a Special Agent in the FBI’s cyber division.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

October, 2019 Chapter Meeting

Our September chapter meeting is on Wednesday, October 2, 2019 at 5:45PM. Please RSVP if you plan on attending!

Securing Your Automation Platform, Infrastructure and Processes

Abstract: Robotic process automation (RPA) has been called the fastest growing enterprise software market by Gartner.  Some companies are even pursuing strategies involving a ‘bot for every employee’.  Given the rapid growth of automation and the digital workforce, the most typically-asked questions revolve around securing the automation platform and digital workers.  Via our client discussions in the market, we have developed a set of best practices and approaches for organizations looking to adopt RPA and scale across the organization.  During this session, automation and digital workforce experts from UiPath will discuss considerations for handling access and credential management, architecture for controlling and monitoring automations and other top of mind security subjects.

Speaker Biography: Paul Bruning and Sachin Gupta, UiPath

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

September, 2019 Chapter Meeting

Our September chapter meeting is on Wednesday, September 4, 2019 at 5:45PM. Please RSVP if you plan on attending!

Next Generation Security Operations

Abstract: Over the last few years, cyber Security Operation Centers (SOC) have been established and evolved for medium to large sized organizations. With increase in digitization, internet traffic, strict compliance guidelines (GDPR, CCPA, etc.), malicious attacks and ransomware issues, SOCs have played a major role in identification, analysis/investigation and response for the cyber issues which the organizations face impacting their business operations. A typical SOC has evolved from the NOC (Network Operations Center). This presentation will discuss the items which are critical to the success of cyber security leaders and operations.

Speaker Biography: Rajiv Das

Rajiv has more than 25 years of information technology strategy, operations, large systems integration, cyber security and program management experience. Rajiv recently joined Plante Moran after serving as Chief Information Security Officer (CISO) for the Department of Technology, Management and Budget, State of Michigan. He is an alumnus of Michigan State University – Eli Broad College of Business, where he earned his MBA and is a resident of Okemos, Michigan.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

May, 2019 Chapter Meeting

Reminder: The West Michigan ISC2 chapter skips April as many attendees are participating in Spring Break.  Have fun and safe travels.

Our May chapter meeting is on Wednesday, May 1, 2019 at 5:45PM. Please RSVP if you plan on attending!

Developing an Infosec Operational Dashboard

Abstract: John will share a de-identified cyber security operational dashboard used for monthly reporting.  This will offer insight for cyber security leadership and IT leadership to see what works and to hear the story of what does not.  This will also offer details for the security practitioner on what is important and what is not.  Security without measurements makes it hard to see if you are headed in the right direction.  A good dashboard can fit on one page and does not have to overwhelm the audience.

Speaker Biography: John Weller

John Weller is the Chief Information Security Officer for Metro Health – University of Michigan Health since 2015. Leadership experience includes Chief Information Security Officer, IT audit manager, and twenty years broad IT experience delivering enterprise-wide solutions and developing IT service management teams.  Transformational leader that leverages data driven operations with measurable results that cover infrastructure, IT support, business intelligence, workflow, identity management, and security operations.  Accomplished risk management leader experienced in Sarbanes Oxley regulations, COBIT controls, GLBA act, HIPAA, HITRUST, ISO, and PCI. Comfortable presenting to executive boards and chairing subcommittees.  

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

March, 2019 Chapter Meeting

Our March chapter meeting is on Wednesday, March 6th, 2019 at 5:45PM. Please RSVP if you plan on attending!

Flight Deck Information Assurance Auditing

Abstract: Naval Air Training and Operating Procedures Standardization (NATOPS) is said to be “written in blood.” NATOPS was created in 1961 after nearly 50 years of the US Navy flying aircraft. The extensive system was created to stop the extreme failures that resulted in the loss of hundreds of lives and billions of dollars in loss.

Between 2015 and 2017, WitFoo researchers worked with organizations from higher education, Fortune 500, healthcare and mid-market to test NATOPS quality assurance (QA) approaches in cyber security and information security auditing.

In this session, the following experiments and findings will be discussed:

  • Defining the correct “unit of work” in security operations (borrowing from Maintenance Action Forms.)
  • “Data Evolution” of extremely technical information that can be understood by executives (and Admirals).
  • Ongoing, organic metric collection and analysis in contrast with inspections and audits
  • Separating human audits and architecture audits
  • Improving auditing using NATOPS Readiness Inspections approaches

The session will include data and demonstrations of the findings.

Speaker Biographies: Charles Herring, WitFoo Chief Technology Officer

Charles’ dedication to maturing the craft of InfoSec is built on a diverse career path across the industry. He started his career in InfoSec in the US Navy in 2002 serving as the Network Security Officer at the US Naval Postgraduate School. After leaving active duty, he was a contributing product reviewer for InfoWorld magazine focusing on network security products. Charles spent 7 years running Herring Consulting, a company dedicated to process orchestration, data sharing, and marketing. In 2012, Charles joined the Lancope team as a pre-sales engineer, promoted to Consulting Security Architect and later as Strategic Account Manager following the acquisition of Lancope by Cisco. In 2014, Charles partnered with veterans of the military, law enforcement and cybersecurity to research new approaches to improve the craft of cybersecurity operations. In 2016, that research resulted in the forming of WitFoo. When not working with cybersecurity heroes, Charles enjoys SCUBA divining with his wife, Mai.


Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

February, 2019 Chapter Meeting

Our February chapter meeting is on Wednesday, February 6th, 2019 at 5:45PM. Please RSVP if you plan on attending!

The Zero Trust Journey

Abstract: Zero Trust is more than network segmentation; it’s a complete and holistic approach that includes processes and technologies for protecting data, networks, user access, workloads, and devices via analytics, automation, and orchestration. This session focuses on the Strategy and Design (processes and technology) for your Organization’s Zero Trust journey.

Speaker Biographies:
Craig Young is a Cybersecurity CSE for Cisco Systems. Craig has over 20 years of experience in IT and security with emphasis in Manufacturing, Medical, Retail, Government, and Insurance. His experience has been primarily security focused with some time spent focusing on data center technologies as well.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map