2019 April 12th Security Architecture and GRC Integration

April 12th, 2019, 8:00 AM – 5:00 PM
Download and share the flyer ISC2 East Bay April 12th 2019
Venue: Oracle, 5805 Owens Drive, Dublin, CA 94568
Security Integration and GRC conference theme includes 10+ speakers and guided product demonstrations offering 8 CPE for full attendance. Learn more at https://isc2-eastbay-chapter.orgLinkedInFacebook.
Integrating themes in cyber-security to concrete GRC activities with the expectation of their implementation on an Enterprise GRC platform.

Add to my calendar

Three opportunities for networking with your peers

  • Breakfast 8:00-8:50 Coffee and Nathan’s Bagels
  • Lunchbox 12:00 to 12:50 catered by Panera
  • 5:00 PM Networking with our sponsors, Dinner – salad and a plate of ribs – Texas Barb-B-Q from Armadillos

If you are experiencing hardship and wish to attend, please have proof of (ISC)2 membership or ISACA membership and reach out to Director Education & Career Development Jing Zhang-Lee, or
Conference Director Robin Basham

Pricing:

(ISC)2 is happy to accept member ID from its partner professional organizations:

Early Bird Registration

Walk in or online Registration after April 8th

    • Member or Affiliate Member $130
    • Non-Member $145
    • Sorry no more student passes

Regular Registration

Speaker Bar
Session 1:1 9:05 – 10:00 AM Meet Kevin Naglich Meet Joe Garcia

Starting with access and RBAC – Securing the Human and the Non-Human

Kevin Naglich, GSEC, GCCC – Director, Strategic Solutions Engineering, PAS Program Office, and Strategic Solutions Engineer, Joe Garcia

Kevin Naglich is based in Chicago and currently leads CyberArk’s Privileged Access Security (PAS) Program Office, a team dedicated to helping CyberArk’s prospects and customers design secure, sustainable strategies to mitigate the risk posed by privileged accounts.

As a 6+ year CyberArk veteran, Kevin has served in various capacities from pre-sales engineering, customer success, and most recently prior to the PPO managing solutions engineering for CyberArk’s large strategic enterprise accounts. Throughout this journey Kevin has worked on hundreds of PAS programs and through this experience is able to help clients follow best practices, avoid pitfalls, and build out their own PAS roadmaps in a way that maximizes adoption, time to value, and ROI. Prior to CyberArk Kevin worked as a SOX IT Auditor at Orbitz Worldwide and as a Business Analyst at Abbott Labs.

As a Strategic Solutions Engineer, Joe Garcia has a strong background in DevOps, Cloud and Security and is currently focused on helping customers implement and scale effective secrets management solutions. As CyberArk’s subject-matter expert in DevOps Security, Joe Garcia shares CyberArk’s vision of building a security community that is as agile as the automation they are securing in today’s fast paced environments. You can typically find him spreading that shared vision at DevOps events, conferences, webinars, podcasts, and anywhere automation is a hot topic. Prior to that, as a CyberArk customer, Joe worked at Raymond James Financial, most recently serving in their Security Operations Center (SOC) focused on Vulnerability and Monitoring – dealing with everything from data automation from the Qualys Cloud all the way down to producing comprehensive compliance metrics for the division. Joe is a CISSP, Six Sigma Yellow Belt, and is a Certified AWS Technical Professional.

 

1-1: How we ascend from from PAS Competencies to DevOps/Automation content

    • The IT department is become more about non-humans
    • You need to be able to identify, authorize, and audit all of these dynamic non-humans
    • CyberArk gives you that full spectrum non-human coverage from mainframe to cloud.

CyberArk Platinum sponsor, CyberArk contributes lab leaders and speakers in addition to actively sponsoring this GRC event. CyberArk is the only security company laser-focused on striking down targeted cyber threats, those that make their way inside to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk is trusted by the worldís leading companies ó including more than 45% of the Fortune 100 companies ó to protect their highest value information assets, infrastructure, and applications. For over a decade CyberArk has led the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets. Today, only CyberArk is delivering a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done. At a time when auditors and regulators are recognizing that privileged accounts are the fast track for cyber attacks and demanding stronger protection, CyberArkís security solutions master requirements while arming businesses to protect what matters most. With offices and authorized partners worldwide, CyberArk is a vital security partner to more than 3,200 global businesses, including more than 45% of the Fortune, 100 more than 25% of the Global 2000, CyberArk has offices in the U.S., Israel, Australia, France, Germany, Italy, Japan, Netherlands, Singapore, Spain, Turkey, and the U.K.

Session 1:2 10:00 AM to 11:00 AM Meet Robin Basham Meet Tim Carson

Why we start with the platform – hosted by RSA Archer and Cisco

Robin Basham, Tim Carson, Bill Ochs

Robin Basham, CISSP, CISA, CGEIT, CRISC, Conference Director and GRC Contributor.

Robin has implemented more than 70 GRC related programs, leveraging just about everything that can be leveraged in the world of regulatory compliance, business process, cybersecurity, and data architecture.

As today’s facilitator, and as the founder of multiple GRC companies, Robin Basham, CISSP, CISA, CGEIT, CRISC, M.IT and M.Ed will anchor all the speakers to the data that makes all GRC real.

Tim Carson representing major Accounts with Archer GRC, is an enterprise risk professional passionate about creating innovative programs that elevate the reputation of the organization, provide positive employee experiences, and result in lasting change and sustainable savings. Expertise in: IT Development and Security (PCI); Claims Operations; Governance, Compliance and Ethics; Governance, Risk and Compliance Tools (Archer); Business Intelligence/Analytics; Resiliency Programs (BCP, EM, DR); Captive Management.

1-2: Session Description – What we expect from our platform:

Success starts with a common technology foundation for risk and compliance. Using the example of The RSA Archer GRC Platform, members from Cisco discuss their real life use case in selecting a platform based on a common set of capabilities, methodologies and taxonomy – and designed to meet both specific and continuously evolving security and risk based requirements. As the regulatory and threat landscape expands faster than the eye can see, how are the largest enterprises integrating from the platform to the specific and the constantly changing unknowns.

Robin Basham speaks to the data architecture, RSA speaks to the security integration enablers

About RSA More than 30,000 customers worldwide—including nearly half the global Fortune 500—rely on RSA’s business-driven security™ strategy for cyber threat detection and response, identity and access management, online fraud prevention, and governance, risk and compliance solutions. Armed with the industry’s most powerful tools, enterprises can better focus on growth, innovation and transformation in today’s volatile business environment. RSA is a part of the Dell Technologies family of brands. Dell Technologies is a unique family of businesses that provides the essential infrastructure for organizations to build their digital future, transform IT and protect their most important asset: information. The company services customers of all sizes across 180 countries – ranging from 98 percent of the Fortune 500 to individual consumers – with the industry’s most comprehensive and innovative portfolio from the edge to the core to the cloud.

Session 1.3: 11:00 AM-11:45 AM Meet William (Bill) Ochs, III, PhD (ABD)

How Europe is Changing GRC Security Requirements

William Ochs, III

 

Information Systems Security, M.B.A. FedRAMP Authorization Engineer, Global Certifications Team Cisco. William Ochs is a lead architect on Cisco’s Global Certifications Team providing .  

enterprise governance and risk management oversight across Cisco’s cloud certification efforts. While at Cisco, he has designed and implemented the Cisco FedRAMP Control Baselines, established a readiness and go-to-market program for cloud offers, and enabled Cisco’s FedRAMP Continuous Monitoring program. William has been the lead GCT FedRAMP engineer for Cisco WebEx, HCS-G, and Cloudlock.

With multiple years of information technology and business leadership experience in Europe, the United States, and the Middle East, he brings an international perspective toward solutions and securing organizations.

1-3: Returning from recent involvement in leading cybersecurity committees in Europe, William Ochs will discuss the trends for international cloud based operations and the many critical considerations for continuously adapting the requirements we place into our GRC.

More about Bill: William Ochs has been active in the security field since 2006, leading and successfully implementing global policy initiatives affecting organizations in over 165 countries on five continents. William conducted his doctoral research in Information Systems at Nova Southeastern University (a NSA Center of Excellence), where he made Information Security his primary area of research. William has been a cybersecurity professor for both the University System of Georgia and the Technical College System of Georgia.

Session 1.4: 1:00 PM-1:45 PM Meet Yossi Appleboum

Sepio Systems presents – Rogue Device Mitigation

Speaker Yossi Appleboum CEO, Sepio Systems Inc.

As CEO of Sepio Systems, Inc., Yossi is responsible for North American operations at Sepio. He brings 25 years’ experience in security, networking, and

computer science and control systems, along with a wide-angle perspective to cyber security threats and unique security solutions.

In the early 1990s, Yossi joined the technology unit of the Israeli Army Intelligence Corps (Unit 8200). As team leader and chief architect, he focused on design and development of critical infrastructure network monitoring and security systems.

In 1998, Yossi co-founded WebSilicon, a company dedicated to delivering advanced networking and security systems. In 2007, Yossi became the company’s CTO, responsible for North American business activities.

1-4 Session Description: We will examine how Sepio Systems addresses a real problem that few companies are aware of or are protected against in 2019. While the industry is focused almost entirely on software protection against cyber-attacks, one of the greatest threats resides in rogue or corrupt hardware devices that are present in almost every computing network and infrastructure. From the doctored motherboard chips on our servers that have been corrupted along the supply chain to compromised peripheral devices, mobile phones and USB drops, hardware vulnerabilities represent a target rich environment for cyber criminals leveraging a variety of threat exploits. Citing examples occurring recently in the International server manufacturing supply chain, IP theft by disgruntled employees, and data leaks at a Fortune 20 bank, the founder and CEO of Sepio will explain how their system works to detect, prevent, and protect information systems from hardware-based attacks.

(Meet Yosi, continued) In this role, he worked with key customers to develop next-generation network monitoring and security systems. In 2013, WebSilicon was acquired by Magal (NASDAQ: MAGS), one of the world’s largest physical security integration companies. After the acquisition, Yossi led the integration of the company into Magal and was instrumental in rebranding WebSilicon as CyberSeal. Yossi served as CTO for cyber security of Senstar, the North American division of Magal, and relocated to the United States to work closely with key customers and partners. In 2012, Yossi invested in and contributed to the development of TowerSec, the first cyber security company for cars. TowerSec was acquired by HARMAN International Industries in January 2016.

https://www.linkedin.com/company/sepio-systems/

Session 1:5 2:00 PM-2:45 PM Meet Arij Khan

Securonix – Integrating SIEM Results with the GRC

Aarij Khan joins Securonix as VP of Marketing, bringing a deep understanding of the security market and buyer combined with over 15 years of marketing leadership at high growth, innovative security vendors.

Previously, Aarij led marketing efforts at RiskIQ where he was responsible for product marketing, analyst and public relations strategy, channel marketing, field marketing, and growth. Before that, he led product and solution marketing at Tenable Network Security and ThreatMetrix. Earlier, Aarij spent over 4 years at ArcSight/HP where he was instrumental in the rapid adoption of ArcSight SIEM products, and ArcSightís recognition as a leader in the Gartner Magic Quadrant for SIEM for 4 years in a row. Aanji Khahn

Aarij holds a Bachelor of Science in computer engineering from Cornell University, a Master of Science in Economics from the Catholic University of Leuven (Belgium), and a Master of Business Administration from Cornellís Johnson Graduate School of Management. http://www.securonix.com

1-5 Session Description: What are the data elements we take from the SIEM and post to the GRC? How do we integrate threat, risk and findings?

Securonix

About Securonix: Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior, Securonix is able to automatically and accurately detect the most advanced cyber threats, insider threats, and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around insider threat detection and monitoring, high privileged activity monitoring, data exfiltration, enterprise and web fraud detection, application risk monitoring, cloud security monitoring, cyber threat monitoring and access risk management. Securonix uses a Hadoop platform to provide unlimited scalability and open data model. http://www.securonix.com

1:6 3:00 PM-3:45 PM Meet Dorian Cougias
Security Laws and Frameworks applied to the Government Sector: How Enterprises leverage the UCF in the most widely used GRC

Dorian Cougia, Lead Analyst and Compliance Scientist, The Unified Compliance Framework® (UCF)

As the lead analyst for the Unified Compliance Framework Dorian is responsible for the classification, taxonomy, and interpretation of all facts of unifying the regulatory landscape.

Read More: Wow – 12 years mapping regulations!


1-6: Whether you begin from the point of SOC 2 Type II attestation or you have already completed an ISO/IEC 27001 certification, there are right ways and wrong ways to map existing compliance to other frameworks like HITRUST for HIPAA, NIST CSF, and NIST 800 53 r4 for FedRamp.
This session looks at how FedRamp is same and different from five other critical frameworks for security in Government Sector. Using The Unified Compliance methodology, Lynn examines how areas that sound the same, vary at implementation and audit. ( Examples include: Assets, Classification, Session Timeout, Password, and Authentication)About UCF: The Unified Compliance Framework® (UCF) was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF. This patented GRC framework is used as a core component of advanced GRC solutions by leading software publishers, certified auditors and consultants worldwide. Unified Compliance’s dynamic SaaS portal, the Common Controls Hub, provides a new interface to the UCF that aids in extracting needed data from the framework easily and helps compliance professionals keep pace with the ever-evolving regulatory demands, confidently manage risk, and ease resource and budget barriers. The Common Controls Hub gives users rapid access to its massive data repository of more than 90,000 individual mandates from 800-plus laws and standards from around the globe. Sorting through the most up-to-date demands, figuring out which controls they need to implement and how they overlap is now a quick process with just a few simple mouse clicks. The Common Controls Hub simplifies the need to locate, research, interpret, and reconcile new and evolving mandates by giving compliance professionals the ability to centrally scope, define and maintain regulatory demands online. Companies can now automatically compile custom, harmonized control lists in minutes by vertical industries, market segments, and geographies.
3:45-4:00 PM
Sponsored by KFORCE

We Break 4 Cake

If we are running late, you may be asked to hurry up and eat your cake Special thanks to Maura Jones and Asha Kumar for coordinating meals. Call out to Angel Mazzucco who organizes real interviews for real jobs, and brings us CAKE!!
Session 1:7 4:00-4:45 PM Meet Chris Niggel

Identity is a cornerstone of all Governance

Presented by, Chris Niggel, Director, Security and Compliance at Okta, Inc.

Chris is currently the Director of Security and Compliance at Okta, where he is responsible for corporate compliance, application assessment, and responding to customer security inquiries.

Prior to Okta, Chris spent 6 years leading the adoption of Cloud Technologies at LinkedIn, helping them grow from 350 to over 6,800 employees. He started his career designing, developing, and delivering content management, system administration, and messaging solutions for customers such as Nestle, Cisco, AMD, Telus, and the US Department of Defense.  He is also an active member of the Northern California ski community, where he volunteers with the Tahoe Backcountry Ski Patrol performing search & rescue, and teaching ski mountaineering & outdoor survival.

Specialties: Cloud Identity Management, Cloud and Enterprise Security & Forensics, Compliance and Regulatory (ISO27001, SOC2, PCI, FedRAMP, HIPAA and SOX), GDPR, eDiscovery, Enterprise solution design & development, Multiple OS and development platforms

Certifications: CISSP (Certified Information Systems Security Professional), CCSK (Certificate of Cloud Security Knowledge)

1- 5: Identity is a cornerstone of all Governance, Risk, and Compliance frameworks.  From SOC to SOX, some of the most significant challenges in deploying and demonstrating compliance involve ensuring the right people have the right access to data.  Further complicating this issue, the explosion of mobile and cloud technologies have dissolved the traditional perimeter.  In this new world, people – and their identities – have become the new perimeter.  In this session, learn how making identity the core of your compliance program not only makes your organization more secure, but also drives technology adoption and enables your business.

About Okta: Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to both secure and manage their extended enterprise, and transform their customers’ experiences. With over 5,500 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely adopt the technologies they need to fulfill their missions. Over 5,600 organizations, including 20th Century Fox, JetBlue, Nordstrom, Slack, Teach for America and Twilio, trust Okta to securely connect their people and technology.

Session 1.8: 4:45-5:30 PM
ServiceNow

Workflow meet Assets, Assets meet World.

The marriage of what is known and understood.

Speakers Announced Soon
1-6 Session Description: Call to Action – Integrating all that is known with all that is GRC

Session 1-8: 5:30-6:30PM Meet Current and Past Sponsors Get to know our sponsors

Networking Event

Debrief the day Make time to learn who is hiring and what they need.

Securonix

Platinum Sponsor, live demonstration visualizing the threat, actionable intelligence

Securonix
Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior, Securonix is able to automatically and accurately detect the most advanced cyber threats, insider threats, and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around insider threat detection and monitoring, high privileged activity monitoring, data exfiltration, enterprise and web fraud detection, application risk monitoring, cloud security monitoring, cyber threat monitoring, and access risk management. Securonix uses a Hadoop platform to provide unlimited scalability and open data model. http://www.securonix.com

Skybox Security

Gold sponsor, live demonstration assigning the policy that proves our governance is in place

The software uses analytics to prioritize an organization’s risk exposures and recommends informed action to best address those exposures. These capabilities extend across highly complex networks, including those in physical, virtual, cloud and
operational technology (OT) environments. By integrating with more than 120 networking and security technologies, the company’s broad platform, the Skybox™ Security Suite, enables organizations to reduce security risks that attackers can find and exploit, such as device misconfigurations and policy violations, as well as exposed and unpatched vulnerabilities.

Netskope

Platinum Sponsor, live demonstration, mapping the path of business, the evolution of cloud security Netskope is the leader in cloud security. Using patented technology, Netskopeís cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real time,

whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope ó security evolved.netskope

Zscaler

Gold Sponsor, live demonstration enables secure mobile enterprise in real time, architecting the secure enterprise network Zscaler enables the worldís leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access, and

Zscaler Private Access creates fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the worldís largest cloud security platform, protecting thousands of enterprises and government agencies from cyber attacks and data loss.Zscaler

HexaBuild,

in addition to making their CEO, Co-Founders and COO available to all of us for the entire day, contributes the morning breakfast and afternoon cake. Sweet!

HexaBuild is an IT professional services consultancy comprised of industry-recognized IT subject matter experts

and thought leaders. Our core team has a combined 60+ years of experience, multiple expert-level vendor certifications, and several publications by recognized technology presses. HexaBuild specializes in managing IPv6 adoption initiatives and large-scale cloud deployments for both enterprises and service providers. Services include address planning, hardware and software assessments, network/IT environment audits, on-prem to cloud migration and integration, and personnel training.

CyberArk

Platinum sponsor, CyberArk contributes lab leaders and speakers in addition to actively sponsoring our last summer event.

CyberArk is the only security company laser-focused on striking down targeted cyber threats, those that make their way inside to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk is trusted by the worldís leading companies ó including more than 45% of the Fortune 100 companies ó to protect their highest value information assets, infrastructure, and applications.

For over a decade CyberArk has led the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets. Today, only CyberArk is delivering a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done. At a time when auditors and regulators are recognizing that privileged accounts are the fast track for cyber attacks and demanding stronger protection, CyberArkís security solutions master high-stakes compliance and audit requirements while arming businesses to protect what matters most. With offices and authorized partners worldwide, CyberArk is a vital security partner to more than 3,200 global businesses, including more than 45% of the Fortune, 100 more than 25% of the Global 2000, CyberArk has offices in the U.S., Israel, Australia, France, Germany, Italy, Japan, Netherlands, Singapore, Spain, Turkey, and the U.K.
CyberArkMd

Saba Software

Our Venue Sponsor has contributed their offices and resources to make this day possible. As a result, we will be able to offer a thousand dollars to a local scholarship for students wanting more opportunities in the field of cybersecurity.
Saba makes software that transforms the working lives of millions of people

and increases growth and success for thousands of businesses around the world. We help organizations create the catalyst for exceptional employee engagement, with a powerful cloud platform that delivers a continuous development experience – from personalized training and collaboration to real-time coaching, goal setting, and feedback. Today thousands of customers worldwide, in virtually every industry, count on Saba to engage their people, connect their teams, and get the critical insight they need to prove the impact of talent on business success.

Attivo Networks sponsors and provides lab leaders and speakers.

Attivo Networks® is the leader in deception for cybersecurity defense. Founded in 2011, Attivo Networks provides a comprehensive deception platform that in real-time detects inside-the-network intrusions in networks, public and private data centers, and specialized environments such as Industrial Control System (ICS) SCADA, Internet of Things (IoT), and Point of Sale (POS) environments. Founded on the premise that even the best security systems cannot prevent all attacks, Attivo provides the

required visibility and actionable, substantiated alerts to detect, isolate, and defend against cyber attacks. Unlike prevention systems, Attivo assumes the attacker is inside the network and uses high-interaction decoys and endpoint, server, and application deception lures placed ubiquitously across the network to deceive threat actors into revealing themselves. With no dependencies on signatures or attack pattern matching, the BOTsink deception server is designed to accurately and efficiently detect the reconnaissance and lateral The Attivo Multi-Correlation Detection Engine (MCDE) captures and analyzes attacker IPs, methods, and actions that can then be viewed in the Attivo Threat Intelligence Dashboard, exported for forensic reporting in IOC, PCAP, STIX, CSV formats or can be used to automatically update SIEM and prevention systems for blocking, isolation, and threat hunting. The ThreatOps offering simplifies incident response through information sharing, incident response automation, and the creation of repeatable playbooks.

Unified Compliance Framework sponsors, provide past and future speakers.

We welcome The Unified Compliance Framework® (UCF) as a new Silver Sponsor, a speaker and recent ISC2 partner in providing certifications for controls and compliance mapping.
The Unified Compliance Framework® (UCF) was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF.

This patented GRC framework is used as a core component of advanced GRC solutions by leading software publishers, certified auditors and consultants worldwide. Unified Compliance’s dynamic SaaS portal, the Common Controls Hub, provides a new interface to the UCF that aids in extracting needed data from the framework easily and helps compliance professionals keep pace with the ever-evolving regulatory demands, confidently manage risk, and ease resource and budget barriers. The Common Controls Hub gives users rapid access to its massive data repository of more than 90,000 individual mandates from 800-plus laws and standards from around the globe. Sorting through the most up-to-date demands, figuring out which controls they need to implement and how they overlap is now a quick process with just a few simple mouse clicks.The Common Controls Hub simplifies the need to locate, research, interpret, and reconcile new and evolving mandates by giving compliance professionals the ability to centrally scope, define and maintain regulatory demands online. Companies can now automatically compile custom, harmonized control lists in minutes by vertical industries, market segments, and geographies.

Allgress

Allgress enables enterprise risk, security, and compliance professionals the ability to efficiently manage their risk posture.

By utilizing advanced visualization, automation, streamlined workflows, and the integration of existing data feeds, Allgress reduces the complexity and cost of risk management. Unlike other risk management solutions, Allgress customers derive value in days rather than months. For more information, visit www.allgress.com info@allgress.com or 925.579.0002
ThankYouEveryone
How to become a member: Please directly contact our Chapter President Tom Rogers and fill out the membership form https://isc2-eastbay-chapter.org/membership/
EnterpriseGRC Thank you Chevron, for providing us with space and food for the last two years.
Thank you, Blackhawk –

Thank You, Oracle

(This 1-day event counts towards 8 hours of Continuing Professional Education CPE)
Your friends and colleagues at (ISC)2 East Bay Chapter chapter can’t wait to see you. We hope you join us in giving special thanks to the conference committee volunteers, without whom, such events would not be possible. Providing weekly meetings, binding flyers, drafting letters, being a liaison to our gracious speakers, updating and proofing our brochures, and assisting in the overall quality management of each Conference, we acknowledge Dan Green, Atul Kumar, Maura Jones, Peter Chen, as well as all members of the Board of Directors for their added responsibilities in coordinating our conference business, and for all the wisdom provided by the full membership of our chapter. Your support is greatly appreciated. Sincerely, Robin Basham, Conference Director

The (ISC)2 East Bay Chapter Board of Directors

Recent Past Presidents are Lokesh Sisodiya and Lee Neely

We push you in

 

(ISC)2 East Bay Chapter