Our next chapter meeting is on Wednesday March 19, 2025 at 5:30PM. Please RSVP if you plan on attending!

Defending the Digital Gate: Combating Adversary in The Middle Phishing Attacks with Passkeys and Conditional Access

This presentation will cover some statistics on increased phishing and account takeover activity. Then, we will discuss why traditional multi-factor authentication methods are becoming less effective at preventing these attacks. In doing so, we will cover how token-based OIDC Authentication works and why it’s vulnerable to AITM Attacks. During this, I’ll demo an attack I conducted against my lab environment to compromise a Microsoft User Account. Afterwards, we will discuss FIDO2 Authentication protocols, the use of Passkeys, and how they prevent these attacks. Lastly, we will discuss Microsoft Entra conditional access policy controls and how to use them to prevent these attacks using both passkey-focused and non-passkey-focused controls.

Presenter: Jeremy Rogers is a Senior Security Operations Engineer with Acrisure LLC. After leaving the United States Marine Corps in 2017, he obtained a bachelor’s in information security/cyber assurance and joined Acrisure in 2020. He has almost five years of experience in security architecture, engineering, and incident response, having implemented and managed a wide range of tools, including SIEM, EDR, Email Security, SOAR, and Cloud Security Solutions. Jeremy’s current focus is on implementing phishing-resistant security solutions for Entra ID for an organization of almost 20k employees; as well as the design and implementation of Security Automation solutions.

Schedule: Presentations begin promptly at 5:30 PM; light dinner and refreshments served before the meeting.

Location Information

Northpointe Bank
5303 28th St Ct SE,
Grand Rapids, MI 49546

Special note: The building access has good strong security protocols and all access between lobby and conference room is escorted. Therefore, please be prompt at or before 5:30pm in the lobby. Someone will be waiting in the lobby for everyone to arrive.  Text Patti if you are running late @ (616) 340-6119.

Our next chapter meeting is on Wednesday February 19, 2025 at 5:30PM. Please RSVP if you plan on attending!

AI: Friend or Foe? Let’s Secure the Future Together

Presenter Name: Conversation facilitated by (ISC)2 board members + attendees

Highlights:

AI is transforming security, but are we focusing on the right challenges?

This session will follow the open forum format we all enjoyed last month. Let’s talk about the real problems you’re facing today and how others are solving them, rather than speculating about the future. Share what’s working, what’s not, and collaborate on practical solutions that matter now.

Discussion points:

1. AI in Threat Detection: What’s effective, what’s noise? Mitigating AI-Driven Attacks: Real-world challenges and solutions.
2. AI for Incident Response: Lessons learned from automation.
3.  Ethical AI Use in Security: Balancing innovation with responsibility.
4.  AI Integration Challenges: Bridging tools with workflows.

Schedule: Presentations begin promptly at 5:30 PM; light dinner and refreshments served before the meeting.

Location Information (NOTE NEW LOCATION!)

Northpointe Bank
5303 28th St Ct SE,
Grand Rapids, MI 49546

Special note: The building access has good strong security protocols and all access between lobby and conference room is escorted. Therefore, please be prompt at or before 5:30pm in the lobby. Someone will be waiting in the lobby for everyone to arrive.  Text Patti if you are running late @ (616) 340-6119.

Our next chapter meeting is on Wednesday November 20, 2024 at 5:30PM. Please RSVP if you plan on attending!

Open forum discussion on secure data management

Presenter Name: Conversation facilitated by (ISC)2 board members + attendees

Highlights:

1. Data asset inventory 
2. Data movement  
3. Data Loss Prevention (DLP)
4. CASB  
5. Small company data protections 

Schedule: Presentations begin promptly at 5:30 PM; light dinner and refreshments served before the meeting.

FYI December 12th meeting: This will be combined with several other professional security clubs in the area including:  CSA, ISSA, ISC2, WomSA, West Michigan Cybersecurity Consortium, MCWT

Sponsors for this event and the appsec panel will be Ox Security, Salt Security and Secure Code Warrior. The panel will be a mix of engineers from the sponsors and a couple of customers of the sponsors so there should be a great mix of technologies and speakers to be on the panel.

Call to all members:  Anyone wanting to present or hold a forum/panel discussion, please contact any of the members at https://isc2chapter-westmi.org/about-us/officers/

Location Information (NOTE NEW LOCATION!)

Northpointe Bank
5303 28th St Ct SE,
Grand Rapids, MI 49546

Special note: The building access has good strong security protocols and all access between lobby and conference room is escorted. Therefore, please be prompt at or before 5:30pm in the lobby. Someone will be waiting in the lobby for everyone to arrive.  Text Patti if you are running late @ (616) 340-6119.

Our next chapter meeting is on Wednesday October 16, 2024 at 5:30PM. Please RSVP if you plan on attending!

AI Tackling Secure SDLC: A Practical Demo for Security Professionals to Quickly and Easily Guide Developers in Remediating OWASP Top 10 Vulnerabilities.

Presenter Name: John Burke, CISSP, Head of Security, Collective[i]

Presenter Bio: John Burke, CISSP, is the Head of Security at Collective[i] with over 20 years of experience in secure application development. A certified CISSP, John draws on his expertise across all security domains to help organizations modernize their tech stacks and strengthen their overall security posture. As an agile development practitioner, he passionately enables businesses to use technology to tackle seemingly impossible security challenges through iterative improvements.

His non-profit and coaching background enables him to bridge the gap between security professionals, developers, and business leaders, fostering joyful team building and collaboration to strengthen security across the entire organization.

Schedule
Presentations begin promptly at 5:30 PM; light dinner and refreshments served before the meeting.

Location Information (NOTE NEW LOCATION!)

Northpointe Bank
5303 28th St Ct SE,
Grand Rapids, MI 49546

Special note: The building access has good strong security protocols and all access between lobby and conference room is escorted. Therefore, please be prompt at or before 5:30pm in the lobby. Someone will be waiting in the lobby for everyone to arrive.  Text Patti if you are running late @ (616) 340-6119.

Our next chapter meeting is on Wednesday September 18, 2024 at 5:30PM. Please RSVP if you plan on attending!

The Role of Cybersecurity Risk Quantification

In this presentation we’ll explore the origins of risk quantification in the cyber industry and discuss the many ways it can be employed in an organization. We’ll expose several myths and talk about how to successfully implement risk quantification in risk management. 

Presented by Charlene Deaver-Vazquez, CISSP, CISA

Schedule
Presentations begin promptly at 5:30 PM; light dinner and refreshments served before the meeting.

Location Information (NOTE NEW LOCATION!)

Northpointe Bank
5303 28th St Ct SE,
Grand Rapids, MI 49546

Special note: The building access has good strong security protocols and all access between lobby and conference room is escorted. Therefore, please be prompt at or before 5:30pm in the lobby. Someone will be waiting in the lobby for everyone to arrive.  Text Patti if you are running late @ (616) 340-6119.