October 2013 Chapter Meeting

Our October chapter meeting is on Wednesday October 2nd, 2013 at 5:45PM. Please RSVP if you plan on attending!

Dr. Strangecloud or: How I Learned to Stop Worrying and Love the BYoD, presented by Caston Thomas & Paul Cochran

Abstract: Ten to fifteen years ago, the life of a corporate security manager was easy. Firewall… Check… Virus protection… Check… WEP… Check…Then, the attacks became a little more sophisticated. IDS… Check… IPS… Check… WPA2… Check… 2-factor… Check… Check… Check… It became more complex, yet the basic premise of our security infrastructure was the same… Keep the bad guys out… Keep the data in… Over the last few years, profoundly different challenges have arisen and increase exponentially the demands placed on corporate information security… Cloud… Mobile… Compliance… Privacy… Advanced Persistent Threats… DLP… SIEM…

How Do We Fill In the Blanks From the Dissolving Perimeter?
We’re now called to secure data that’s no longer inside our domain. We’re asked to secure users and devices that could be anywhere in the world at any given time. We’re expected to be able to produce a report on the state of every device & every user on the network – possibly even what it looked like six months ago. “Oh yes, we’ll give you an increase in budget. More staff? We’ll get back with you.”

Some would call this a paradigm shift. Some would call it a disaster waiting to happen. Most of us don’t quite yet know what to call it.

In this presentation, we’ll cover:

  1. how the combination of BYoD/cloud/mobile and the changing threat landscape present new challenges to InfoSec
  2. updating our security framework & infrastructure components without obsoleting what we already have
  3. how NAC & mobile management tools can play a pivotal role in bringing the pieces together (includes a demonstration of ForeScout)

Presentation Material

Speaker biography
Caston Thomas brings perspective, knowledge and a practicality to how to combine technology and process change for improving security & management of mobile & the cloud. Caston has pioneered communications & workflow technologies in a number of healthcare organizations. With almost 30 years in corporate information technology, he is sought by business leaders as an expert helping to fill the gap between mobile security frameworks and the operational processes & technologies that make them work. Caston is president of InterWorks, LLC.

A businessman with a heart and commitment to his family and community, Caston has contributed his talents and time to a variety of humanitarian organizations including the Salvation Army, Capuchin Soup Kitchen, and building clinics & orphanages in Ghana.

Schedule

  • 5:45-6:15PM Networking/Membership signup / Dinner
  • 6:15-7:15PM Presentation
  • 7:15-7:45PM Q&A

Location Information

Metro Health Conference Center
2225 Main Street
Wyoming, MI, 49519
Map

September 2013 Chapter Meeting

Our September chapter meeting is on Wednesday September 4th, 2013 at 5:45PM. Please RSVP if you plan on attending!

Nobody Ever Got Fired For Implementing a Risk Management Program – But they Should Be, presented by Richard Stiennon.

Abstract: Risk Management has become the staple of IT security organizations. Adopted from financial and life insurance models Risk Management makes some unsupportable assumptions of predictability, and knowledge. The three tenets of Risk Management, discovery, ranking, and patching are all impossible to achieve. Therefore Risk Management thinking should be abandoned in favor of threat management.

Schedule

  • 5:45-6:15PM Networking/Membership signup / Dinner
  • 6:15-7:15PM Presentation
  • 7:15-7:45PM Q&A

Location Information

Metro Health Conference Center
2225 Main Street
Wyoming, MI, 49519
Map

August 2013 Chapter Meeting

Our August chapter meeting is on Wednesday August 7th, 2013 at 5:45PM. Larry Yob will be speaking about Data Loss Prevention (DLP). Please RSVP if you plan on attending!

Abstract: Presentation will give an overview of Data Loss Prevention (DLP) technology and definitions of data in motion, data at rest and data in use.  Strategies and lessons learned from DLP customers around the country.  Also talk about risk of an enterprise big brother DLP.

Presenter information: Larry Yob is an Information Security Officer for Ascension Health Information Services (AHIS).  Ascension Health Information Services (AHIS), part of Ascension Health Alliance, is the largest Catholic health system, the largest private nonprofit system and the third largest system (based on revenues) in the United States, operating in 23 states and the District of Columbia.  Currently with his role as Information Security Officer he is responsible for Data Loss Prevention (DLP) and regionally oversees security for 12 Health Ministry’s.

Previously he worked as a system administrator, Lotus Notes developer, Citrix administrator, and a HIPAA Security Officer for a local community mental health authority.

Presentation material

Schedule

  • 5:45-6:15PM Networking/Membership signup / Dinner
  • 6:15-7:15PM Presentation
  • 7:15-7:45PM Q&A

Location Information

Metro Health Conference Center
2225 Main Street
Wyoming, MI, 49519
Map

July 2013 Chapter Meeting

Our July chapter meeting is on Wednesday July 10th, 2013 at 5:45PM. Note the meeting is one week later than normal due to the July 4th holiday. The topic for the meeting will be BeEF – It’s what’s for dinner. Please RSVP if you plan on attending!

Abstract: The Plague once said, “We are Samurai… the Keyboard Cowboys…  and all those other people who have no idea what’s going on are the cattle… Mooo.” This talk will go in depth on BeEF – The Browser Exploitation Framework, a penetration-testing tool to attack browsers.  I will teach you how the tool works, how to hook clients, and a demo of some of its very powerful features.  We will use BeEF to pivot to internal systems, create reverse tunnels, and much more.  Finally, we will discuss some countermeasures to prevent from getting trampled by the BeEF herd.

Presenter information: Jeff Bleich is a Senior Security Consultant with Secure Ideas. He has worked in the Information Security field for the last 9 years. Jeff has a considerable amount of experience in the healthcare, manufacturing, and automotive industries. Previous to Information Security, Jeff worked in network engineering and system administration.

Jeff is very active in the Information Security community. He co-founded GrrCON, a large Information Security and hacker conference, based out of Grand Rapids, MI. He is also the president of the (ISC)² West Michigan Chapter. Jeff attends and speaks at conferences around the U.S.

Jeff has a Masters of Science degree and currently holds the GPEN, GWAPT, GCIH, CISSP, and CISM certifications.

June 2013 Chapter Meeting

Our June chapter meeting is on Wednesday June 5th, 2013 at 5:45PM. The topic for the meeting will be Securing Healthcare Information with Virtual Desktops. Please RSVP if you plan on attending!

Abstract: The strategic benefit of Virtual Desktops within healthcare is being adopted aggressively. Metro Health has been using virtual desktops with SSO in production health system-wide over the last several years. Seminar attendees will gain an understanding of how implementing a fast roaming solution with SSO leads to greater security for virtual desktop solutions and show a significant ROI for their healthcare system.

Presentation material

Presenter Information: Aivars Apsite is the Technology Strategist at Metro Health Hospital in Grand Rapids, Michigan. His responsibilities center around the strategic direction, leadership and integration of their infrastructure technologies and applications. He holds a Master’s of Science in Computer Information Systems. Prior to joining Metro Health, he has held information technology leadership positions in the insurance, telecommunications, and furniture manufacturing sectors.

Schedule

  • 5:45-6:15PM Networking/Membership signup / Dinner
  • 6:15-7:15PM Presentation
  • 7:15-7:45PM Q&A

Location Information

Metro Health Conference Center
2225 Main Street
Wyoming, MI, 49519
Map