Our April chapter meeting is on Wednesday, April 6th, 2016 at 5:45PM. Please RSVP if you plan on attending!

Raising Your Awareness On The Importance Of Awareness

Abstract: SIEMS, FIMS, IDS/IPS, Network Forensics, Vulnerability Management, Micro Segmentation, IAM and multi-factor auth. Fundamental technology that is vital to any robust security program….yet despite the amount we are spending on technology we continue to be plagued with ransomware, credential theft and data exfiltration. When we look at how the traditional attack surface has been hardened it’s easy to see why our enemies have shifted to the softest target, the human. The good news is there is hope for a better future! The most effective thing we can do to minimize these attacks is bring a new level of awareness to our organizations.

Speaker Biography: Philip Keibler, CISSP has spent more than 20 years building very successful information security programs and teams for the retail, aerospace, finance, insurance, major league sports, and manufacturing industries. Currently Philip is the Vice President of Information Security, Risk and Control for superstore retailer, Meijer. Most recently he served as the CISO for Bass Pro Shops in Springfield, MO. Previous to his role with Bass Pro Philip served as the CISO for the retailer “Finish Line”. During his time in the field he has seen information security evolve from a reactive, compliance driven ‘requirement’ to a proactive, risk based function that is critical to the success of every organization. His diverse background provides him with an endless amount of real world experience to draw from when facing challenges integrating security into the business.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our March chapter meeting is on Wednesday, March 2nd, 2015 at 5:45PM. Please RSVP if you plan on attending!

Security Research and Adventures in Responsible Disclosure

Abstract: The biggest security holes are the ones we don’t know about. To find these weaknesses we have to think like the bad guys do. Even as security researchers, we must look at everyday applications through the eyes of a malicious hacker. After learning basic functionality, we can come up with creative methods of (ab)using the application. This presentation details our findings along with the process we go through, challenges we face, and risks we take to responsibly disclose them.

Speaker biography: Presented by Adam Logue and Ryan Griffin.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our February chapter meeting is on Wednesday, February 3rd, 2015 at 5:45PM. Please RSVP if you plan on attending!

Application Threat Modeling in Risk Management

Abstract: Business and government organizations have wised up to the need for a risk-based management approach to info / cyber / <buzzword>-security. But most security risk assessment efforts get mired in excessive analysis or produce results with little substance to them. Should we be using a kill-chains approach? NIST or ISO frameworks? This presentation examines organizational impact of assets based on value and profiles threat agents from their motivations, capabilities, resources and tactics. We’ll step through using the Microsoft Threat Modeling Tool to make data-flow diagrams and gain insight into the soft spots where these threat agents can make contact, cover insider threats and draw threat profiles that make them real for management. Then we’ll show you how to pull this all together in a form that drives home your point.

Speaker biography: Mel Drews has been security consultant to hospitals, government agencies, universities, electric utilities and financial institutions large and small all around the country. He’s used and built risk assessment tools in many teams with a wide range of capabilities. He also claims expertise in penetration testing, software security, system
hardening, and audit. Mel is a SANS Institute Mentor instructor planning his next course to deliver on web application defense. He’s currently working on software security and risk assessment with a large financial services firm in Michigan.

UPDATE: Download the presentation from Mel’s site here.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our December chapter meeting is on Wednesday, December 2nd, 2015 at 5:45PM. Please RSVP if you plan on attending!

How to Adapt What We Have Now to the IoT (The Internet of Things)

Abstract: Information Security Professionals are fast realizing that they are facing new challenges:

• How do I strategize, budget, & execute today for a world that I can’t even imagine five years from now?
• How do I sleep at night when after 99 successes, one small miscalculation could put my name on the front page of the Wall Street Journal or the headline of the Drudge Report?
• Now that the guys in the high-back chairs in the corner offices want to invite me to their meetings, how do I put all this craziness into words that they can understand?
  In this fast changing world, let’s be honest, the pocketbooks have opened & IT Security is getting the funds <<yea!>> & the attention <<boo!>> that we need. The bottom line? You’ll leave this discussion with four or five things you can do that will keep you on the road to those 99 successes while making that story above the fold a little less likely.

Speaker biography: Caston Thomas brings perspective, knowledge and a practicality to how to combine technology and process change for improving security & management of mobile & the cloud. Caston has pioneered communications & workflow technologies in a number of healthcare organizations. With almost 30 years in corporate information technology, he is sought by business leaders as an expert helping to fill the gap between mobile security frameworks and the operational processes & technologies that make them work.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

Our November chapter meeting is on Wednesday, November 4th, 2015 at 5:45PM. Please RSVP if you plan on attending!

IT Security Update from FBI

Abstract: Special Agent Joliffe will be giving a general update on current matters related to IT security and will touch on issues and incidents that have affected organizations both locally and globally.

Speaker biography: Special Agent Peter Jolliffe has been assigned to the FBI’s counter intelligence matters in West Michigan for the past 6 years.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map