Category Archives: Events

March, 2019 Chapter Meeting

Our March chapter meeting is on Wednesday, March 6th, 2019 at 5:45PM. Please RSVP if you plan on attending!

Flight Deck Information Assurance Auditing

Abstract: Naval Air Training and Operating Procedures Standardization (NATOPS) is said to be “written in blood.” NATOPS was created in 1961 after nearly 50 years of the US Navy flying aircraft. The extensive system was created to stop the extreme failures that resulted in the loss of hundreds of lives and billions of dollars in loss.

Between 2015 and 2017, WitFoo researchers worked with organizations from higher education, Fortune 500, healthcare and mid-market to test NATOPS quality assurance (QA) approaches in cyber security and information security auditing.

In this session, the following experiments and findings will be discussed:

  • Defining the correct “unit of work” in security operations (borrowing from Maintenance Action Forms.)
  • “Data Evolution” of extremely technical information that can be understood by executives (and Admirals).
  • Ongoing, organic metric collection and analysis in contrast with inspections and audits
  • Separating human audits and architecture audits
  • Improving auditing using NATOPS Readiness Inspections approaches

The session will include data and demonstrations of the findings.

Speaker Biographies: Charles Herring, WitFoo Chief Technology Officer

Charles’ dedication to maturing the craft of InfoSec is built on a diverse career path across the industry. He started his career in InfoSec in the US Navy in 2002 serving as the Network Security Officer at the US Naval Postgraduate School. After leaving active duty, he was a contributing product reviewer for InfoWorld magazine focusing on network security products. Charles spent 7 years running Herring Consulting, a company dedicated to process orchestration, data sharing, and marketing. In 2012, Charles joined the Lancope team as a pre-sales engineer, promoted to Consulting Security Architect and later as Strategic Account Manager following the acquisition of Lancope by Cisco. In 2014, Charles partnered with veterans of the military, law enforcement and cybersecurity to research new approaches to improve the craft of cybersecurity operations. In 2016, that research resulted in the forming of WitFoo. When not working with cybersecurity heroes, Charles enjoys SCUBA divining with his wife, Mai.


Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

February, 2019 Chapter Meeting

Our February chapter meeting is on Wednesday, February 6th, 2019 at 5:45PM. Please RSVP if you plan on attending!

The Zero Trust Journey

Abstract: Zero Trust is more than network segmentation; it’s a complete and holistic approach that includes processes and technologies for protecting data, networks, user access, workloads, and devices via analytics, automation, and orchestration. This session focuses on the Strategy and Design (processes and technology) for your Organization’s Zero Trust journey.

Speaker Biographies:
Craig Young is a Cybersecurity CSE for Cisco Systems. Craig has over 20 years of experience in IT and security with emphasis in Manufacturing, Medical, Retail, Government, and Insurance. His experience has been primarily security focused with some time spent focusing on data center technologies as well.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

November, 2018 Chapter Meeting

Our November chapter meeting is on Wednesday, November 7th, 2018 at 5:45PM. Please RSVP if you plan on attending!

Tales from the CSOC – APT Attack Survival

Abstract: Since early 2018, APT Leviathan (Fever Dream, TEMP.Periscope) has been conducting an ongoing wave of intrusions targeting engineering and maritime entities. This tale from the CSOC chronicles one such attack encounter. From the APT side of the story, we will explore how they achieved shell, conducted recon, gathered creds, moved laterally, established persistence and engaged their core target. From the CSOC side of the story, we will review how they were detected, pursued, and defeated in the last second cut-the-red-wire-before-detonation dramatic ending. We’ll conclude with lessons learned and recommendations.

Speaker Biographies:
Paul Speulstra has over 25 years of enterprise IT experience, is an accomplished cyber security specialist, software developer and IT manager. From the early days of the very first boot sector and macro viruses to today’s threats combating APTs, cyptomining and ransomware attacks, Paul has an extensive and diversified background in the IT security sphere. Currently serving as an incident responder in a Fortune 500 global cyber security operations center for the past 4 years, Paul has firsthand experience in the research, prevention, detection and remediation of current cyber security threats and malware. Paul also enjoys writing custom software security utilities to complement and enhance the defense-in-depth security posture at his workplace.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

October, 2018 Chapter Meeting

Our October chapter meeting is on Wednesday, October 3rd, 2018 at 5:45PM. Please RSVP if you plan on attending!

Building Security That Thinks

Abstract: Learn about evolving technology around machine learning, including fundamentals for Cyber Security Professionals.

Speaker Biographies:
Andy Bryan is the Head of Field Engineering at Vectra, Andy is a technologist who has spent most of his 23-year career moving early stage companies toward publicly traded companies with a heavy focus on Security Studies. Prior to joining Vectra, Andy spend a several years at FireEye / Mandiant, Aruba Networks, and Fortinet. Andy currently holds his CISSP and had taken numerous security certification courses from SANS and went to school at both Colorado Tech and Northeastern University for Computer Science. Early in his career Andy was indoctrinated into the security mindset with US Army where he attended several different schools and spent several years overseas while performing his duty to the United States.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

September, 2018 Chapter Meeting

Our September chapter meeting is on Wednesday, September 5th, 2018 at 5:45PM. Please RSVP if you plan on attending!

NOTE – This meeting will be at Founders Brewery in Grand Rapids. Details below!

Why Ticketing Matters for Security Operations

Abstract: We have plenty of theories about how we should be managing incident response, but how do we take that from idea to actionable program? Join us as we demonstrate how to bring incident response and threat intelligence together under a common platform to enable security analysts to quickly, decisively and effectively understand and respond to incidents as they happen.

Speaker Biographies:
Kris Russo – I have been active in large enterprise IT for 20 years and hold a B.S. in Information Security & Intelligence. An initial infrastructure discipline helped lay the foundation to pursue my passion for information security. I have since held roles in GRC, infrastructure security, vulnerability management and am a certified incident handler. Today I am a Security Architect with a Boutique Integrator, based in West Michigan. My career path has uniquely positioned me to be an advisor for organizations looking to building information security programs that enhance response capability while maximizing the value of security investments.

Matt Reid – I am an accomplished business leader with over 20 years of IT experience in Security and Business Continuity. My career began in Consulting Services, but evolved into Technical Sales and eventually Leadership. I have led many teams of Consultants, Architects and Sales Engineers on both the Vendor and Channel side. I have extensive experience developing Technical Sales plays, creating Service Offerings and fostering an entrepreneurial spirit in the teams I work with. I have been told my ability to understand the technical and work well with people is unique and valuable. Prior to joining ITS to lead their Security business, he spent over a decade at Symantec, technically developing partner communities around emerging technologies. Before Symantec, he worked in the VAR channel as a delivery consultant.

This meeting is being sponsored graciously by ITS. Beverages and appetizers will be provided!

Founders Brewery
235 Grandville Ave SW
Grand Rapids, MI 49503
Take the elevator upstairs to the Centennial Room

Schedule

5:45-7:45 – Presentations

May, 2018 Chapter Meeting

Our May chapter meeting is on Wednesday, May 2nd, 2018 at 5:45PM. Please RSVP if you plan on attending!

DMARC: Email Authentication

Abstract: Understanding SPF, DKIM and DMAR and how they allow you to authenticate email for your Domains.

Speaker Biography:
Chris Lawrence is a 20+ year veteran of the Network, Application, Mobile and User Communication industry. He has worked throughout those year for industry leading Security vendors selling and designing security for all size and types organizations. Most recently he is working at Proofpoint focusing in on the communication channels that corporate users use to do their jobs which includes Email, Mobile, Social Media, SaaS and other collaboration platforms. Prior to moving into sales he spent over 10 years as a Security practitioner building corporate networks for companies in S.E. Michigan.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

March, 2018 Chapter Meeting

Our February chapter meeting is on Wednesday, March 7th, 2018 at 5:45PM. Please RSVP if you plan on attending!

Governance, Risk & Compliance Solutions: Best Practices and Lessons Learned

Abstract: GRC solutions can be an effective way to manage your security program however all too often organizations purchase a solution before they are ready. This presentation will cover best practices and lessons learned from the field while Chad Clement worked as a GRC Consultant as well as his experiences deploying GRC solutions in his own environments as a CISO and Global Security Manager.

Speaker Biography:
Chad Clement is a Sr. Solutions Architect with Optiv where he is currently works in pre-sales. Prior to joining Optiv Chad was Chief information Security Officer for a regional health system. Chad has over 25 years if information technology and information security ranging from Department of Deference, finance, manufacturing, food services and healthcare. He has prior work experience as a GRC consultant where he has deployed GRC solutions in healthcare, manufacturing, food services and finance.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

February, 2018 Chapter Meeting

Our February chapter meeting is on Wednesday, February 7th, 2018 at 5:45PM. Please RSVP if you plan on attending!

Current Ransomware Update

Abstract: Ransomware is a $1 billion dollar security industry, and that’s just for the cybercriminals. It is by far the most profitable malware threat in history. Because of this, along with reduced barriers to entry for attackers, these incidents are widespread, causing significant business loss and disruption for organizations. Sophistication levels, pervasiveness, polymorphism, and impact are also on the rise. In this discussion, David Lindstrom and Jimmy Nguyen of Cisco security will discuss current ransomware trends, the anatomy of an attack, prevention and detection capabilities, and response strategies to minimize ransomware-related risk.

Speaker Biography:
David Lindstrom is a Cyber Sales Specialist for Cisco, based in Southfield. He joined Cisco via the Lancope acquisition in 2015, and has worked closely with local companies in security planning and operations. He has been involved in technical solution selling for over 20 years as an individual contributor and in sales management. He supports accounts in the enterprise space in Michigan.

Jimmy Nguyen is a Security Consulting Systems Engineer, based in Lansing. He has over 15 years experience in security operations, engineering, and architecture, and joined Cisco in 2017 from HP Security. In his role as CSE, he helps MI enterprises align security architecture and operations to organizational priorities and security framework to achieve optimal business outcomes.

Schedule
5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information
Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

December, 2017 Chapter Meeting

Our December chapter meeting is on Wednesday, December 6th, 2017 at 5:45PM. Please RSVP if you plan on attending!

FBI Cyber Agent Update

Abstract: Don Whitt, a Grand Rapids-based Cyber Agent for the Federal Bureau of Investigation’s Cyber Task Force will be presenting. Special Agent Whitt has worked for the FBI for over seven years researching and addressing cyber threats.

Schedule

5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map