Our March chapter meeting is on Wednesday, March 2nd, 2015 at 5:45PM. Please RSVP if you plan on attending!

Security Research and Adventures in Responsible Disclosure

Abstract: The biggest security holes are the ones we don’t know about. To find these weaknesses we have to think like the bad guys do. Even as security researchers, we must look at everyday applications through the eyes of a malicious hacker. After learning basic functionality, we can come up with creative methods of (ab)using the application. This presentation details our findings along with the process we go through, challenges we face, and risks we take to responsibly disclose them.

Speaker biography: Presented by Adam Logue and Ryan Griffin.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our February chapter meeting is on Wednesday, February 3rd, 2015 at 5:45PM. Please RSVP if you plan on attending!

Application Threat Modeling in Risk Management

Abstract: Business and government organizations have wised up to the need for a risk-based management approach to info / cyber / <buzzword>-security. But most security risk assessment efforts get mired in excessive analysis or produce results with little substance to them. Should we be using a kill-chains approach? NIST or ISO frameworks? This presentation examines organizational impact of assets based on value and profiles threat agents from their motivations, capabilities, resources and tactics. We’ll step through using the Microsoft Threat Modeling Tool to make data-flow diagrams and gain insight into the soft spots where these threat agents can make contact, cover insider threats and draw threat profiles that make them real for management. Then we’ll show you how to pull this all together in a form that drives home your point.

Speaker biography: Mel Drews has been security consultant to hospitals, government agencies, universities, electric utilities and financial institutions large and small all around the country. He’s used and built risk assessment tools in many teams with a wide range of capabilities. He also claims expertise in penetration testing, software security, system
hardening, and audit. Mel is a SANS Institute Mentor instructor planning his next course to deliver on web application defense. He’s currently working on software security and risk assessment with a large financial services firm in Michigan.

UPDATE: Download the presentation from Mel’s site here.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our December chapter meeting is on Wednesday, December 2nd, 2015 at 5:45PM. Please RSVP if you plan on attending!

How to Adapt What We Have Now to the IoT (The Internet of Things)

Abstract: Information Security Professionals are fast realizing that they are facing new challenges:

• How do I strategize, budget, & execute today for a world that I can’t even imagine five years from now?
• How do I sleep at night when after 99 successes, one small miscalculation could put my name on the front page of the Wall Street Journal or the headline of the Drudge Report?
• Now that the guys in the high-back chairs in the corner offices want to invite me to their meetings, how do I put all this craziness into words that they can understand?
  In this fast changing world, let’s be honest, the pocketbooks have opened & IT Security is getting the funds <<yea!>> & the attention <<boo!>> that we need. The bottom line? You’ll leave this discussion with four or five things you can do that will keep you on the road to those 99 successes while making that story above the fold a little less likely.

Speaker biography: Caston Thomas brings perspective, knowledge and a practicality to how to combine technology and process change for improving security & management of mobile & the cloud. Caston has pioneered communications & workflow technologies in a number of healthcare organizations. With almost 30 years in corporate information technology, he is sought by business leaders as an expert helping to fill the gap between mobile security frameworks and the operational processes & technologies that make them work.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our November chapter meeting is on Wednesday, November 4th, 2015 at 5:45PM. Please RSVP if you plan on attending!

IT Security Update from FBI

Abstract: Special Agent Joliffe will be giving a general update on current matters related to IT security and will touch on issues and incidents that have affected organizations both locally and globally.

Speaker biography: Special Agent Peter Jolliffe has been assigned to the FBI’s counter intelligence matters in West Michigan for the past 6 years.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our October chapter meeting is on Wednesday, October 7th, 2015 at 5:45PM. Please RSVP if you plan on attending!

Past, Present and Beyond the Boundaries of Vendor Management and Security

Abstract: As business growth and cloud vendors becomes more important to survive, IT is required to match the business agility through flexible security models, methodologies and infrastructure.

This session will cover:

• Experiences modernizing vendor management in a cloud era
• The overall approach to finding flexible onboarding of new or existing solutions
• Single sign-on, contract reviews, and IT and security architecture

Speaker biography: Eric Merkle, Business Architect at BDO USA, LLP, focuses on identifying process improvements and emerging technologies. His professional career began in operational support, and he gradually moved into project management, vendor management and architecture. Eric is a member of PMI and IASA Global and has certifications in PMP, Architect Core and ITIL.

Eric has been with BDO for over 14 years and continues to have a passion for designing new and improving business processes throughout BDO.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our September chapter meeting is on Wednesday, September 2, 2015 at 5:45PM. Please RSVP if you plan on attending!

Member Roundtable & Planning Session

The ISC2 West Michigan Chapter board members will be hosting a roundtable discussing current security topics, as well as gauging interest in specific topics and soliciting member presentations for the remainder of 2015.  We hope this will be a very interactive meeting and will result in a having a schedule outlined for upcoming meetings.  If you have a topic you’d like to present on please come prepared to discuss!

NOTE: Meeting location has been changed.  See location information below.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Hello – the Chapter is currently on summer hiatus.  Meetings are scheduled to resume on September 2nd, 2015.  If you or someone you know is interested in presenting to the group, please let us know and we will be in touch.

Thank you for your support and enjoy the summer!

MEETING HAS BEEN CANCELLED!

Our May chapter meeting is on Wednesday, May 6th, 2015 at 5:45PM. Please RSVP if you plan on attending!

Web Content Filtering Overview & Best Practices

Abstract: Web filtering can deliver many positive benefits for your organization and its end users that exceed simple category blocking. Proper group management and access auditing can help to reduce overall risk to an organization. Web Filtering is a great security tool that provides an essential layer of protection from the various online threats we face today.

Speaker biography: Kyle Washburn, SSCP – resides in South West Michigan and is an Information Security Technical Specialist for Ascension Information Services. AIS is a subsidiary of Ascension, a Catholic healthcare organization with over 30 Health Ministries across the United States. Kyle has over 12 years of experience in the Information Technology field working with companies such as CSC, Dell, and AIS.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

Location Information

Metro Health Conference Center
2225 Main Street
Wyoming, MI, 49519

Map

Update: The slide deck for this presentation is available here.

Our April chapter meeting is on Wednesday April 1st, 2015 at 5:45PM. Please RSVP if you plan on attending!

Cloud Vendor Security Assessments

Abstract: Are company “Crown Jewels” in the cloud? What evidence do you have that company data in the cloud is secure? Lloyd Guyot will lead a collaborative discussion based on his experience implementing and leading a Cloud Vendor Security Assessment service for a global, Fortune 100 company. Topics to be discussed include the processes, procedures and tools used in assessing a Cloud Vendor security posture.

Speaker biography: Lloyd Guyot, CISSP, CISM resides in West Michigan and is a Lead Security Analyst for Johnson Controls, a global Fortune 100 company headquartered in Milwaukee, Wisconsin. Lloyd has over 15 years’ experience in the Information Security field and is an Adjunct at Davenport University and serves on the FBI InfraGard / U.S. Homeland Security – West Michigan Board of Directors.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

Location Information

Metro Health Conference Center
2225 Main Street
Wyoming, MI, 49519

Map

Our March chapter meeting is on Wednesday March 4th, 2015 at 5:45PM. Please RSVP if you plan on attending!

PKI Implementation: The Good, Bad, and Ugly

Abstract: Matt will lead an open discussion based on his experience implementing and attempting to rollout a new Public Key Infrastructure. Topics to be discussed are Vendor selection, Software selection, Planning, Certificate Usage, Piloting, and current status of this “live” project.

Speaker biography: Matthew Somers, CISSP resides in West Michigan and is the Information Security Officer for a global company headquartered in the US. Matt has over 13 years experience in the Information Security field.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

Location Information

Metro Health Conference Center
2225 Main Street
Wyoming, MI, 49519

Map