Please join (ISC)2 East Bay Chapter on August 12th, 7 PM – 9 PM, for two CPE hours, attending “SHARING SENSITIVE INFORMATION SECURELY – Privacy-Preserving Analytics and Secure Multiparty Computation”.
Speaker Ulf Mattsson | Chief Security Strategist
Sharing Sensitive Information Securely
Different industries are taking advantage of secure data-sharing techniques. New privacy-preserving computing approaches are needed to meet legal requirements and provide privacy for data sharing. Tonight’s speaker and topic:
Protegrity protects the world’s most sensitive data wherever it resides. Our industry-leading solutions allow businesses to finally tap into the value of their data and accelerate digital transformation timelines – without jeopardizing individuals’ fundamental right to privacy. For more than 20 years, Protegrity has delivered innovative, data-centric protection for the most sensitive data of the largest brands on the planet. We free businesses from the constraints associated with accessing and leveraging data to create better customer experiences, make intelligence-supported decisions, and fuel innovation. Data knows no boundaries and Protegrity’s technology is built for data ubiquity. Protegrity is headquartered in Salt Lake City, Utah.
How Vulnerability Validation Saves DevSecOps Teams Significant Time
Rezilion Prioritize identifies vulnerabilities that are actually exploitable, helping to avoid remediation on those that are not loaded to memory and therefore not real threats. Vulnerability validation will:
Reduce vulnerability patching efforts by up to 70%
Provide CISOs with the actual attack surface vs. a perceived attack surface, allowing them to better allocate resources
Find more time to patch without slowing down business operations by providing compensating controls for production vulnerabilities through autonomous mitigation
Curtis Barker, VP of Solution Architecture at Rezilion, AWS security architect, certified Scrum product owner trained in agile development, and certified Cisco network professional, is presenting.
Originally from London, UK, Curtis holds a Master’s degree in Electronic Communications Engineering with Business Management (MEng) from the University of Sussex. He started out in telecommunications as a network engineer, which included laying cables among sunken warships between England and France. He moved to South East in 2008 where, as a network designer, he experienced the explosion of communications infrastructure in the region. As business went mobile, Curtis moved to mobile communications in 2011 to lead solution sales focused on mobile security. He joined Symantec in 2014 to manage their emerging mobile security products and went on to lead the Symantec product portfolio in the Asia Pacific region. Curtis transferred to Symantec headquarters in Mountain View, California in 2016 to manage the introduction of emerging cloud security products. He helped Symantec bring new products to market and led product integrations to strategic partner marketplaces.
In his spare time, Curtis enjoys cycling and traveling with friends and family.
Session Two: Next-Generation Cellular and Broad-spectrum IoT cybersecurity
What are the risks and threats associated with 5G, IoT, IIoT, and OT, and what should you be concerned about?
As enterprises embrace IoT to help drive efficiencies and compete in the new online world, customers are faced with the challenge of having to balance best practices with time to market. With 80% of IoT deployments now wireless, wireless has become the new network and the new attack surface, creating a massive invisible blind spot – the invisible espionage threat to the business. In this discussion, learn from a wireless industry veteran who understands the new visibility that is required in order to detect, assess, and prevent risk from backdoor data exfiltration.
Garry Drummond, CEO and Founder LOCH Technologies, www.lock.io
Mr. Drummond is an experienced Go-To-Market Executive with a career that spans over 20 years across numerous leadership roles in Sales, Business Development and Product Marketing within the Technology Industry. Mr. Drummond is a Certified Information Systems Security Professional (CISSP), as well as a Certified Wireless and Network Security Professional (CWNA/CWSP), and has helped many of his clients implement a best practice approach to risk management.
From his humble beginnings in Scotland, Mr. Drummond arrived in the Bay Area in 1998. Mr. Drummond went to business school in Scotland, where he studied International Business. With a passion for self-learning, Mr. Drummond has become an expert in the field of wireless security technologies and has received several patents for his work. Mr. Drummond was instrumental in the go-to-market fit for two Silicon Valley security start-ups prior to setting up LOCH Technologies (formerly 802 Secure) in July 2014, when he moved into entrepreneurship and started the company from his garage in Pleasanton, CA.
Along with a small team of industry experts, he conceptualized, designed, and delivered wireless cybersecurity products for the company by developing next-generation signal intelligence technologies for securing the Internet of Things (IoT) by combining software-defined radio (SDR) with big data analytics. The patented solutions created by LOCH have been deployed across many industries including Critical Infrastructure, Government, Transportation, Healthcare, and Enterprises around the world.
With 80% of new IoT deployments wireless, wireless has fast become the new network and new attack surface. LOCH was recognized as a Gartner Cool Vendor 2021 for Edge Computing.
Accomplishments
LOCH Technologies was awarded Silicon Valley Start-up of the Year in April 2015.
LOCH Technologies was awarded Silicon Valley Company of the Year in May 2016.
In 2017, Mr. Drummond was awarded Most Innovative CEO of the Year.
LOCH Technologies was recognized as a Gartner Cool Vendor 2021 for Edge Computing.
The company’s products are sold today through partnerships with AT&T, Dell Technologies, Optiv Security, and Herjavec Group here in the US, and through international partners Rikei Corporation (Japan) and Oxygen (Dubai).
About LOCH Technologies
LOCH is a global leader in next-generation wireless threat monitoring. The company provides actionable threat intelligence across cellular 4G/5G networks as well as broad-spectrum IoT networks such as CBRS or Private LTE. With 80% of new IoT deployments wireless, wireless has fast become the new network and new attack surface. Every wireless device therefore needs to be discovered, identified, and tagged along with its risk profile in order to secure this new multi-access edge, regardless of what type of device it is, what protocol it uses, and who owns it. LOCH aims to secure the new world of wireless innovation that will drive digital transformation. Learn more: www.LOCH.io
7:00 PM Session One: Internet of Things, IoT, Reducing Vulnerability and Unauthorized Endpoints by Implementing Least Privilege
Abstract: IT security organizations big and small are concerned about threats from applications, endpoints, especially unmanaged endpoints, and IoT devices. They want to reduce the number of unknown endpoints/IoT devices and are concerned about unauthorized endpoints in the network.
They are concerned about the vulnerability of these endpoints and are wondering how to detect IoT device compromise. Protecting IoT devices by segmenting them with least-privileged access is a real challenge. Further, the organization must make sure sensitive data sent by these devices is protected both at rest and in motion. Finally, they must address privacy concerns about the data stored and the data processing throughout the product lifecycle. With all these challenges, where does the organization start? As security professionals, how do we onboard and secure these IoT devices? This discussion provides approaches that help to identify IoT devices, gather context, understand their behavior, and implement the necessary segmentation.
Speaker Krishnan Thiruvengadam, Sr. Technical Marketing Engineer at Cisco, Director Communications, ISC2 East Bay Chapter
As Sr. Technical Marketing Engineer, Krishnan drives product technical direction for Endpoint Analytics and newer innovations toward the Trusted Workplace, providing deployment solutions to customers and integration with customer ecosystems. Krishnan is an expert in Cisco ISE, its performance, integrations, and use cases. He evangelizes and presents the solution with experts in a variety of forums. Krishnan develops the TDM, solution deployment documentation, white papers, videos, and demos, and works with customers and partners on adoption, POVs, and related activities.
Learn more from Krishnan about End Point Analytics
8:00 PM to 9:00 PM Session Two: The Failure of Security to Protect
Jacques Remi Francoeur (MBA, M.A.Sc., B.A.Sc.) Presents Security and Assurance Working Group, Digital Currency Global Initiative
The Failure of Security to Protect
The total global economy in 2018 was estimated to be $86 Trillion. It is estimated that there are 4.5B people connected to the Internet as of June 2019, based on a population of 7.7B, a 58.8% Internet penetration. The Global Risks Report 2019 outlines the greatest risks facing the world; cyber threats are the 4th most significant societal risk and are by no means under control. As the world accelerates into the 4th Industrial Revolution, according to the ITU Global Cybersecurity Index 2018, 73% of the Internet-connected world today is unprotected, while the remaining 27%, who think they are protected, account for 80% of global security spending, estimated to be $300B by 2023. Is protection just for the rich? Today, people extending themselves into the digital world are highly exposed to potentially significant harm and have no way to detect or prevent the threat. Should digital protection be a human right?
Security Inclusion Now! is a call to action to urgently drive global action to prevent an eventual untenable global situation that threatens the promises of the 4th Industrial Revolution – the increasing digital protection divide, the gap between the demand for protection and the available supply. The asymmetry of the problem is ironic. When we look at a rapidly morphing, well-funded, increasingly sophisticated and difficult-to-attribute threat in relation to our current industry capability, there are significant limitations that, if not addressed, will inherently prevent society from achieving the required “one protection for all” with enough assurance at a reasonable cost. In a highly interconnected world, no one is protected unless everyone is.
The presenter will explore a new way forward to transition from notional to precision security and from security information in a world of friction to security knowledge in a frictionless world. This will enable those less expert to participate in the protection of their organizations.
Security Control Expressions (SCE) Store Security Knowledge
Everyday security professionals spend countless hours searching for information that is highly distributed and fragmented. This highly subjective and non-interoperable information must be interpreted, synthesized, and communicated to stakeholders.
All matters of security can be described uniquely and unambiguously by a simple “expression” model between 6 actors engaged in 5 relationships. The model is published by the ITU, Study Group 17: Security, as the Technical Report “Unified Security Model”.
Genesis Cybersecurity Program is the practitioner training program on the SCE Model innovation. The program involves the transfer & institutionalization of the capability to different centers of expertise for the development of a sustainable & growing security training & knowledge capture capability.
SINOW Security Validation Platform is a software tool that emulates the SCE model. A nested and iterative process stores security knowledge which is then available frictionlessly to all other dependent practitioners for knowledge verification or their specialized dependent knowledge contribution. It transforms Security & Compliance information in a world of friction to Security & Compliance knowledge in a frictionless world. By enabling instant and frictionless navigation & visualization of any security control, its state, relationships, and dependencies, the security practitioner is free to focus on security and not finding information.
Jacques is the founder and Chief Scientist of Security Inclusion Now, USA, a California-based consulting, training, and software organization innovating in security tool development. Jacques is also a member of the World Economic Forum Expert Network, recognized as a blockchain security expert, and the Team Lead of the Security & Assurance Working Group of the Digital Currency Global Initiative, a joint program of the International Telecommunication Union (ITU) and Stanford University.
Jacques has an MBA with honors from Concordia University, Montreal; M.A.Sc from the University of Toronto, Institute for Aerospace Studies and a B.A.Sc. in Engineering Science, Aerospace Engineering from the University of Toronto.
Jacques has over 30 years of experience in high technology, beginning his career as an Aerospace Engineer with the Canadian Space Agency, then moving to Silicon Valley in 1999, where he began his privacy and security consulting advisory career with KPMG, followed by SAIC and E&Y. Jacques is a 2018/19/20 US Delegate to the U.S. Department of State to ITU Standardization Study Group 17: Security. He was also Vice-Chair of the ITU Focus Group on Digital Fiat Currency and co-chair of its Security Working Group. Finally, Jacques is also a US Marine Corps Cyber Auxiliary member.
Jacques Remi Francoeur M.A.Sc, B.A.Sc, MBA
Chief Scientist & Founder Security Inclusion Now, USA
Earn up to 8 Continuing Education Credits by attending the day in full.
Join us virtually and learn about the latest cybersecurity threats facing your company, best cyber hygiene practices, solutions to protect against a cyber-attack, and much more – all from the comfort and safety of your home/office.
The Director of Operations of the NSA Red Team will be leading a security keynote – “Looking Through the Eyes of the Cyber Attacker” – exclusively at the Cyber Security Summit!
Additional thought leaders include the Asst. Special Agent in charge, FBI San Francisco Cyber Branch and other SMEs from Cybercrime Support Network, Center for Internet Security, Darktrace, ExtraHop, Intel and many more.
You are welcome to share this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event.
Please note: Admission is for C-Suite/Senior Level Executives, Directors, Managers, and other IT/Cyber Professionals and Business Leaders. Those in Sales / Marketing and Students are not permitted.
We encourage you to attend this invitation-only event, rated Top 50 InfoSec Conference to Attend Worldwide!
Speaker: Robin Basham on “NIST SP-800-53 r5 – The Control Reference Layer: Taming the Beast”
Abstract: NIST SP-800-53 r5 was a long labor with a few false starts. FedRAMP dependencies still include r4; however, 75 new control, enhancement, or attribute elements of r5 exist in the SSP – NIST SP-800-53B.
NIST 800-53 is a common reference layer used in mapping nearly all other cybersecurity frameworks, so a failed update to the mapping compounds the issues.
NIST Addendum to Mapping ISO/IEC 27001 is missing Cloud, Privacy, and Processing.
What are the common pitfalls in notation for ISO and NIST standards? How can these be overcome?
Exploring data elements necessary to mapping – a walk through the schema elements (reminder to look at Schema.Org)
NIST 800-53 r5 v. r4
NIST 800 171 r2
NIST 800 172 Enhanced Security Requirements for Protecting Controlled Unclassified Information; A Supplement to NIST Special Publication 800-171
ISO/IEC 27001:2013, as implemented with
ISO/IEC 27002:2013, including certification for Cloud, Privacy, and PII Processors
ISO/IEC 27017:2015 – 27002 for cloud services
ISO/IEC 27018:2019 – Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
ISO/IEC 27701:2019 – Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines
Case Study: Mapping NIST 800-53r5 to configuration rules such as those used in CIS Benchmarks
About the speaker: Owner of EnterpriseGRC Solutions; President, ISC2 East Bay; Certified Information Systems Security Professional (CISSP), Audit (CISA), Governance (CGEIT) and Risk (CRISC); ICT GRC expert and early adopter in both certifying and offering certification programs for Cloud Security and Virtualization, with industry experience in the management of systems, controls, and data for SaaS (IaaS and PaaS), Finance, Healthcare, Banking, Education, Defense, and High Tech. Positions held include Technology Officer at State Street Bank, leading Process Engineering for a major New England CLEC, Sr. Director Enterprise Technology for multiple advisory firms, founding, engineering the product for, and running two governance software companies, and most recently Director Enterprise Compliance for a major player in the mortgage industry, Ellie Mae. Recently full time at Cisco as Unified Compliance and ISMS Program Manager, Robin currently leads LSHC in support of three MDM clients, as well as donating substantial time to supporting social platform security to further social democracy. Robin recently contributed a mapping refresh for NIST 171/172 to Dr. Ron Ross’s FISMA team and is currently contributing to the CCM Mapping for version 4.0. She is also a past board member of the ISACA SV Chapter.
Where: online Zoom webinar
When: Tuesday, June 8, 2021 at 06:00 PM Pacific Time
Pre-registration is required. Registration ends automatically at the scheduled start time.
After registering, you will receive a confirmation email containing information about joining the meeting.
In order to process CPEs (Continuing Professional Education points) for members, please double check your (ISC)² member number is entered correctly.
We will use Zoom’s webinar attendance report to compute attendees’ CPEs. To get the full 2 CPEs for the meeting requires attendance from the scheduled start time to the end of the meeting. Late arrivals and/or early departures will receive CPEs based on minutes attended, rounded down to 0.25 CPE increments.
If you need to self-submit your CPEs for any reason (such as not entering an (ISC)² member number), use 1 CPE per hour in 0.25 CPE increments for the portion of the 2 hours you attended. If the meeting ends before 2 hours, full attendance still counts for 2 CPEs.
We hope you enjoyed CCM 4.0 mapping, Part Two: A technical dive into unified compliance strategy, on May 13, 2021, 7:00 PM PDT, at: https://attendee.gotowebinar.com/register/4980569285837634829 After registering, the pre-meeting, presentation, and post-meeting are all available on playback. We apologize for the glitch in editing: the session starts at minute 30. You are welcome to enjoy the presentation, but please forward to minute 30 and feel free to stop viewing at 2:35:00.
We had an extra session with Eric Heitzman Director of Business Development. Eric helps Security Compass’s largest customers (in finance, technology, health, oil & gas) address Security, Privacy, and Compliance for software applications at scale. Eric is a career application security expert (security consulting, static analysis, and dynamic analysis).
Members of the ISC2 East Bay and ISACA Silicon Valley community on April 29th had an opportunity to review reasons to quickly adopt the newly released Cloud Security Alliance Cloud Controls Matrix (CCM) V4.0, a cybersecurity control framework (cloudsecurityalliance.org). As part one of a two-part discussion, that evening covered some of the common pitfalls that plague our efforts as a community, and as promised, this May 13th two-hour event offers a chance to continue with a deeper technical dive.
What major regulations completely changed over the last 24 months? Why update everything now? (What’s the domino effect of waiting?)
Which are the key new requirements, such as cryptographic controls and new legal considerations for IoT?
How are DevOps and SecOps better represented in the new standards? (NIST/CCM)
Who and where are the working groups we can interact with to accomplish new mapping?
What are the common pitfalls in the notation for ISO and NIST standards? How can these be overcome?
Leveraging existing AICPA SOC 2, HITRUST, PCI DSS V3.2.1, FedRAMP, DFARS CMMC, and ISO/IEC 27001 plus Privacy, Processing, and Cloud requires a detailed understanding of these frameworks – i.e., experience completing engagements to do this work.
Creating usable cyber framework mapping is an exercise that drives common language across all policies and programs and is necessary to meaningful resilience and compliance. Volunteers generally can’t do it. It is increasingly necessary (CMMC).
The available mappings offered by AICPA, NIST, HITRUST, and CSA have proven not useful. As a community, it’s up to us to restore consumer confidence in using CCM 4.0 as a mapped framework. We also seek to support NIST’s expanded efforts for SP-800-53 r5, SP-800-53B, NIST SP-800-171r2, SP-800-172 Cybersecurity
So, what’s in the new standard and why is mapping so hard?
Audit and Assurance – A&A
Audit and Assurance Policy and Procedures; Independent Assessments; Risk-Based Planning Assessment; Requirements Compliance; Audit Management Process; Remediation
Application and Interface Security – AIS
Application and Interface Security Policy and Procedures; Application Security Baseline Requirements; Application Security Metrics; Secure Application Design and Development; Automated Application Security Testing; Automated Secure Application Deployment; Application Vulnerability Remediation
Business Continuity Management and Operational Resilience – BCR
Business Continuity Management Policy and Procedures; Risk Assessment and Impact Analysis; Business Continuity Strategy; Business Continuity Planning; Documentation; Business Continuity Exercises; Communication; Backup; Disaster Response Plan; Response Plan Exercise; Equipment Redundancy
Datacenter Security – DCS
Off-Site Equipment Disposal Policy and Procedures; Off-Site Transfer Authorization Policy and Procedures; Secure Area Policy and Procedures; Secure Media Transportation Policy and Procedures; Assets Classification; Assets Cataloguing and Tracking; Controlled Access Points; Equipment Identification; Secure Area Authorization; Surveillance System; Unauthorized Access Response Training; Cabling Security; Environmental Systems; Secure Utilities; Equipment Location
Data Security and Privacy Lifecycle Management – DSP
Governance, Risk and Compliance – GRC
Governance Program Policy and Procedures; Risk Management Program; Organizational Policy Reviews; Policy Exception Process; Information Security Program; Governance Responsibility Model; Information System Regulatory Mapping; Special Interest Groups
Human Resources – HRS
Background Screening Policy and Procedures; Acceptable Use of Technology Policy and Procedures; Clean Desk Policy and Procedures; Remote and Home Working Policy and Procedures; Asset returns; Employment Termination; Employment Agreement Process; Employment Agreement Content; Personnel Roles and Responsibilities; Non-Disclosure Agreements; Security Awareness Training; Personal and Sensitive Data Awareness and Training; Compliance User Responsibility
Identity and Access Management – IAM
Identity and Access Management Policy and Procedures; Strong Password Policy and Procedures; Identity Inventory; Separation of Duties; Least Privilege; User Access Provisioning; User Access Changes and Revocation; User Access Review; Segregation of Privileged Access Roles; Management of Privileged Access Roles; CSCs Approval for Agreed Privileged Access Roles; Safeguard Logs Integrity; Uniquely Identifiable Users; Strong Authentication; Passwords Management; Authorization Mechanisms
Interoperability and Portability – IPY
Interoperability and Portability Policy and Procedures; Application Interface Availability; Secure Interoperability and Portability Management; Data Portability Contractual Obligations
Infrastructure and Virtualization Security – IVS
Infrastructure and Virtualization Security Policy and Procedures; Capacity and Resource Planning; Network Security; OS Hardening and Base Controls; Production and Non-Production Environments; Segmentation and Segregation; Migration to Cloud Environments; Network Architecture Documentation; Network Defense
Logging and Monitoring – LOG
Logging and Monitoring Policy and Procedures; Audit Logs Protection; Security Monitoring and Alerting; Audit Logs Access and Accountability; Audit Logs Monitoring and Response; Clock Synchronization; Logging Scope; Log Records; Log Protection; Encryption Monitoring and Reporting; Transaction/Activity Logging; Access Control Logs; Failures and Anomalies Reporting
Security Incident Management, E-Discovery, and Cloud Forensics – SEF
Security Incident Management Policy and Procedures; Service Management Policy and Procedures; Incident Response Plans; Incident Response Testing; Incident Response Metrics; Event Triage Processes; Security Breach Notification; Points of Contact Maintenance
Supply Chain Management, Transparency, and Accountability – STA
SSRM Policy and Procedures; SSRM Supply Chain; SSRM Guidance; SSRM Control Ownership; SSRM Documentation Review; SSRM Control Implementation; Supply Chain Inventory; Supply Chain Risk Management; Primary Service and Contractual Agreement; Supply Chain Agreement Review; Internal Compliance Testing; Supply Chain Service Agreement Compliance; Supply Chain Governance Review; Supply Chain Data Security Assessment
Universal Endpoint Management – UEM
Endpoint Devices Policy and Procedures; Application and Service Approval; Compatibility; Endpoint Inventory; Endpoint Management; Automatic Lock Screen; Operating Systems; Storage Encryption; Anti-Malware Detection and Prevention; Software Firewall; Data Loss Prevention; Remote Locate; Remote Wipe; Third-Party Endpoint Security Posture
Your speaker tonight is ISC2 East Bay’s own Robin Basham, Owner of EnterpriseGRC Solutions, President, ISC2 East Bay, Certified Information Systems Security Professional (CISSP), Audit (CISA), Governance (CGEIT) and Risk (CRISC), and GRC expert. Robin recently contributed a mapping refresh for NIST 171/172 to Dr. Ron Ross’s FISMA team and is currently contributing to the CCM Mapping for version 4.0. She is also a past board member of the ISACA SV Chapter.
Zero Trust Data Protection
A new approach to protecting data is being adopted across organizations that have a remote workforce accessing cloud applications (and data) outside of their network. The essentials of Zero Trust Data Protection are simple and powerful:
Never trust, always verify – continuously
Identity: Conditional access to web, apps, app instances is based on user, device, application risk
Applications: Contextual activity controls are given within each and every app based on these risk levels
Data: Advanced cloud data protection policy actions are enforced, with user coaching, to protect sensitive data, across documents, images, screenshots, etc.
Attend this session to learn about the fundamentals of zero trust data protection along with a live demo (powered by Netskope) of real-world use cases.
Data is the most precious commodity for companies, and it needs to be protected at all costs. It is an increasing challenge for our customers to protect and retain control of their data as they move from an on-premises world into cloud and SaaS environments. Customers further face a wide range of stringent data protection regulations in various regions and countries as they move into the globally connected cloud. These regulations demand strict data storage controls in terms of geo-location and contextual data access controls based on user attributes, for example geo-location, citizenship, job contract type, department, etc. These data protection regulations impose heavy penalties for data breaches: a single data breach can be critically detrimental for a company. One of the most common requests from cloud customers is around geo-location: “Where is my data? How can I see where my data is and who is accessing it?” This presentation will outline industry approaches (or lack thereof) to address the following topics:
full stack transparency
data residency controls
contextual application access control
customer-controlled encryption keys
and finally, “where is my data going?”
Further, the presentation will suggest how SAP Data Custodian offers a wide range of powerful data security features to help our customers protect their data in the cloud and to get full control of their data in the cloud. These features include full-stack transparency, data residency controls, contextual application access control, data discovery, anomaly detection, and customer-controlled encryption keys. These features help our customers meet their data protection regulations, data sovereignty and business compliance requirements.
Dr. Wasif Gilani is Vice President / Head Product & Solution Management in SAP Multi-Cloud organization, leading strategic cloud data security and data protection solutions. Wasif is also the Chief Product Owner of the SAP Data Custodian solution, an initiative that he started in 2017, and which won the prestigious International Association of Privacy Professionals (IAPP) innovation award in 2019. Wasif has been working with SAP for 14 years and has worked extensively in the areas of Cloud Computing, Data Security, Data Protection, Business Intelligence, Business Process Management, and System Engineering.
Three steps to achieving true cloud security with Cloud Infrastructure Entitlements Management (CIEM)
Achieving security in the cloud is an ever-moving target, making it challenging for security and cloud infrastructure teams to keep up with current risks, much less learn about new approaches. Over the past few years, too many global enterprises have fallen victim to hacks, attacks, and breaches, in many cases attributable to poor implementation of security policies and to the rise of human and non-human identities with excessive high-risk cloud permissions.
Current approaches, such as traditional assumption-based role-based access control (RBAC) and other labor-intensive manual processes, were early attempts to stay one step ahead of breaches caused by accidental misuse and malicious exploitation of permissions. But they simply don’t work in the cloud!
In this webinar, we’ll take a look at Gartner’s newly defined category called Cloud Infrastructure Entitlements Management (CIEM). CIEM defines the next generation of solutions for managing access to permissions and enforcing least privilege in the cloud.
CloudKnox Security, the leader in the CIEM space, will take you through a quick-start path to achieving CIEM by leveraging a three-phased lifecycle approach. You will learn how to:
· Discover who (identities) is doing what, where (resources) and when across your cloud infrastructure
· Manage risk by giving identities just-enough and just-in-time permissions to perform their daily tasks and nothing more
· Monitor identity activity changes and prioritize alerts based on risk level associated with anomalous behavior
Join CloudKnox to explore the key steps to managing cloud permissions with CIEM and see how quickly you – and your organization – can reduce your attack surface by getting ahead of the #1 unmanaged risk to cloud infrastructure: identities with excessive high-risk permissions.
Maya Neelakandhan: Head of Customer Success at CloudKnox Security
CloudKnox delivers a single platform for managing the entire identity privilege lifecycle across hybrid cloud utilizing a revolutionary Activity-based Authorization model. This groundbreaking approach offers a non-intrusive way to manage identity privileges and protect organizations’ critical infrastructure from malicious and accidental credential abuse.
Interactive Application Security Testing (IAST) is a relatively new technology that complements existing application security testing technologies. In this presentation, we will be discussing a wide range of topics:
· History and current state of IAST
· Typical challenges of building security in DevOps
· State of adoption of IAST
· IAST relationship to SAST, DAST, SCA and RASP
· IAST and threat modeling
· IAST and the cloud
· Data flow analysis
· How to instrument an application
· How to triage results
· Sensitive data tracking
· IAST pros and cons
· Live demo of an IAST solution
Eugene Pakhomov, CISSP
For the last few years, Eugene Pakhomov’s main focus has been introducing Interactive Application Security Testing (IAST) technology to multiple customers in the Bay Area and throughout the country. Having worked at both Synopsys and Contrast Security, Eugene has unique experience bringing leading IAST technologies to market and helping customers incorporate IAST into their programs.
Asma Zubair, Product Manager, Sr. Staff at Synopsys Inc
Asma Zubair is a seasoned product leader with extensive experience managing and launching products and services in the application security and application protection space. At Synopsys, Asma manages Seeker, the industry’s first IAST solution with active verification and sensitive-data tracking for web-based applications. Prior to Synopsys, Asma led teams at WhiteHat Security, The Find (Facebook), and Yahoo!. Asma holds a degree in electrical engineering from IIT in India and an MBA from UC Berkeley’s Haas School of Business.
8:30 PM – The 2021 Annual Meeting of ISC2 East Bay Chapter Members
The 2021 Annual Meeting of Members will be held as part of our January Member event and is open to all members, providing an electronic vote to elect Directors and Officers of the Chapter to serve for stated terms or until their successors are duly qualified and elected.
The ballot for the Board of Directors is open until January 14th, 2021. Anyone wishing to nominate a member or themselves for any position should email their intention to email@example.com, indicate the position they intend to run for, and include a very short bio, their ISC2 ID, and the position for which they would like to serve. Our Bylaws provide rules for specific roles; however, we welcome new members and hope anyone wishing to participate sees a role for themselves. People are also welcome to reach out to any member of the existing board and to collaborate on ways to be a leader in this community.
Annually the East Bay Chapter has nominations and an election of Executive Officers (Board) for the upcoming year.
Members must be registered with the Chapter and in attendance to vote. Board positions are 2-year terms. In light of the pandemic, several Board members have agreed to serve for additional time. Candidates must be an active Chapter member for at least one year, except for the role of President. The presidential candidate must be a member in good standing for at least two years and have previous experience as a member of the board.
This year’s ballot of held and open positions is:
President
Responsible for presiding over the business meetings, ensuring that all rules and regulations are observed, appointing and serving as a member of all committees, deciding tie votes, and ensuring that all officers faithfully perform their duties. Must have (ISC)2 Credential in good standing.
Robin Basham (current) Write-in:
Vice President
Responsible for assisting in operations and general administration of the Chapter and assuming the responsibilities of the President and Secretary when they are unavailable. Must have (ISC)2 Credential in good standing.
Istvan Berko (current) Write-in:
Treasurer
Responsible for keeping an accurate and complete record of all Chapter receipts and expenditures, developing detailed accounting reports, and filing any necessary financial applications or forms required by (ISC)2 or applicable laws. Must have (ISC)2 Credential in good standing.
Gary Dylina (current) Write-in:
Secretary
Responsible for conducting meetings, recording proceedings of the Chapter, assisting in the election process, writing correspondence, preparing reports to (ISC)2, and assisting in general operations as needed. Must have (ISC)2 Credential in good standing.
Carmen Parrish (current) Write-in:
Director – Programs
Responsible for organizing and hosting events, seminars, and other functions of the Chapter, liaising with the Director – Marketing and Director – Operations, assisting in content development for the Chapter website, and assisting in the general operations of the Chapter as needed; should always work in the interest of the East Bay Chapter.
Denise Bonds (current) Write-in:
Responsible for assisting the Chapter members with their continuing education (CE) efforts, providing information about CE opportunities, and assisting in the general operations of the Chapter as needed.
Maura Jones (current) Write-in:
Director – Membership
Responsible for promoting the membership growth of the Chapter, ensuring smooth entry for new members, and maintaining accurate membership records. Must have (ISC)2 Credential in good standing.
Kerry Bryan (current) Write-in:
Director – Communications & Marketing
Responsible for marketing the events and seminars of the Chapter, liaising with the President and Director – Programs, and assisting in the general operations of the Chapter as needed.
Krishnan Thiruvengadam (current) Write-in:
Director – Cybersecurity Awareness
Responsible for raising cybersecurity awareness in the community by educating kids, seniors, parents, etc. about internet safety, cyberbullying, etc., based on “Safe and Secure Online” or similar programs, and assisting in general operations as needed.
Director – Sponsorship
Responsible for reaching out to industry and businesses to seek donations and sponsorship for the Chapter and Chapter events, and assisting in general operations as needed. This role reports to the President and Treasurer.
Director – Career Development
Responsible for assisting, guiding, and mentoring the Chapter members with career development, gathering and updating the jobs page for the Chapter website, and assisting in general operations as needed.
This position does not require election. Members are welcome to participate in conference committee planning, offering a chance to bring speakers, plan events, coach presenters, and coordinate the physical day of our one-day theme-based training.
Technology and Web Design
Our Chapter welcomes anyone with an eye towards website maintenance, a flair for digital records management, or the desire to help build our community relationships. Just let us know who you are so we can include you in the appropriate team meetings.
People are welcome to reach out to any existing member to learn more about their role.
During the most demanding and tragic of years, we’ve decided to share an experience regarding a cybersecurity topic of interest, and a call to action. In the spirit of giving, each Board member will take a turn sharing 10 to 15 minutes about a topic that in some way made this last year better.
7:00 PM (ISC)2 East Bay Chapter President Robin Basham
Topic: Data-Driven Decision Making in Cyber Security
Presented by Dr. Marty Trevino, Chief Scientist for the Insight Cyber Group
What is Decision Support Science?
Random Forests and Linear Regressions
Neuroscience and Cognitive Behavior
What do bad actors understand about our thalamus and visual cortex?
What are intractable equations that enforce what we believe at a rate of 6 to 1 over the new information that must be understood?
What’s the importance of Peer Review and Cohesion?
What indicators tell us quite clearly if a group is likely to protect us or do harm?
Do I like my job? Do I like my coworkers? Am I committed to my company? Do people listen to me? Do people respect my opinion?
What if these same questions apply to the entire social platform and the state of our digital citizens?
Dr. Marty Trevino is the Chief Scientist for the Insight Cyber Group (https://www.insightcybergroup.com) and serves as a Strategic Advisor to numerous other firms. Dr. Trevino is a nationally known Data / Decision Scientist and thought leader with a focus on building advanced Analytics and Artificial Intelligence Systems. Dr. Trevino has conceptualized, developed, and deployed multiple next-generation Visual Analytic systems in the US Intelligence Community and the cybersecurity industry in Silicon Valley. Dr. Trevino’s passion is improving higher-order decision-making through a deep understanding of the Neuroscience, Cognitive, and Behavioral Psychology of decision-making with Visual Analytics. Dr. Trevino has led global and diverse technical teams and is a frequent writer and speaker.
Dr. Trevino is the senior technical advisor to the Inter-American Defense Board in Washington DC advising both the governments and military organizations of 27 nations of the Americas on advanced concepts in Cyber Security and Analytics. Dr. Trevino is also a visiting professor at the National Defense University in Washington DC and is frequently a speaker at the Inter-American Defense College. Dr. Trevino holds a Bachelor’s, two Master’s degrees, and a Doctoral degree in addition to various certifications.
MONITORING AND INCIDENT RESPONSE FOR THE IoT
Better analytics.
Insight Cyber Group provides a portfolio of services that deliver continuous, real-time cyber risk management and improved operational efficiencies of industrial IoT assets. Our services combine advanced visibility and expert analytics with proprietary automated tools. Insight Cyber supports the entire lifecycle of risk monitoring and incident response capabilities required by today’s industrial enterprises, filling three crucial IoT cybersecurity gaps:
1 – The Analytics Gap – Analytics for IoT are not detailed or granular enough.
2 – The Context Gap – IoT events lack context for interpretation.
3 – The Skills & Knowledge Gap – There is a severe shortage of skilled IoT cyber resources.
Insight Cyber’s expert service-based approach delivers immediate value to your organization. We combine superior production data and state-of-the-art analytics with expert human intelligence. Our positive outcomes include measurable cyber risk monitoring, proactive defense of your IoT production environment, and improved operational process efficiencies.
– We protect your investments with advanced data collection tools that provide deeply granular views of process and SCADA data; advanced visibility that detects security and production issues; and dynamic, NIST-based risk scoring of IoT assets.
– We extend your knowledge base by augmenting your existing team with dynamic reports and expert analysis.