September 10th Member Meeting – Get Hired

Please register for the Thursday, September 10, 7 PM – 9 PM, 2 CPE “Get Hired” Cyber Security event – free and open to nonmembers.

Head of Permanent Security Recruitment and Co-Founder at Code Red Partners – Cybersecurity Careers Thriving During the Pandemic


Tom Alcock – Co-Founder at Code Red Partners | Cybersecurity Staffing and Consulting

Bruce Pendrey – Head of Security Recruitment – Permanent

Code Red Partners

Code Red specializes in cybersecurity staffing. We recruit exclusively in the security space, giving us an in-depth understanding of the needs of both the job seekers and employers that we partner with. We pride ourselves on our extensive network within the Financial Services industry, including FinTech, Banking, and Blockchain.

JOBS HAPPENING RIGHT NOW, and how you get one.


August 13th 2020 Member Meeting

Life Sciences & Health Care, Medical Device Manufacturing and Cybersecurity, A Strategy

<<LSHC Webinar Replay>>

LSHC Centric Common Control Approach-short version


Life Sciences & Health Care, Medical Device Manufacturing and Cybersecurity, A Strategy

As the pandemic moves into its sixth month, we see a shift not only in how we prioritize health issues but in how we practice medicine, and in the cybersecurity implications of a proliferating attack surface that ranges from medical devices to home computing.

  • Life Science and Health Care (LSHC) – Market, Players, Opportunities
  • Two key documents for learning – BSI Cybersecurity of Medical Devices; MDIC Medical Device Cybersecurity Report
  • Cyber Related Standards
  • Frameworks, Standards & Tools: How CISOs Address MDM Cybersecurity
  • List of resources and Laws
  • IoT and CCPA
  • Mapping and Tagging – Unification within GRC and Cybersecurity Risk Management
  • Integration Progress – Facilitated Compliance Management
  • Investment in Licenses and Partners

Robin Basham is the owner of EnterpriseGRC Solutions and President of ISC2 East Bay. She is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC), an ICT GRC expert, and an early adopter in both certifying and offering certification programs for Cloud Security and Virtualization, with industry experience in the management of systems, controls and data for SaaS (IaaS and PaaS), Finance, Healthcare, Banking, Education, Defense, and High Tech. Positions held include Technology Officer at State Street Bank, leading Process Engineering for a major New England CLEC, Sr. Director Enterprise Technology for multiple advisory firms, founding, engineering the product for and running two governance software companies, and most recently Director Enterprise Compliance for a major player in the mortgage industry, Ellie Mae. Having served as Cisco, Unified Compliance, and ISMS Program Manager for a multi-year GRC project, Robin currently leads the EnterpriseGRC Solutions LSHC initiative in support of three MDM clients. Robin may also be recognized for donating substantial time to supporting social platform security to further social democracy. Robin is also a past board member of the ISACA SV chapter.

Standard, Law or Framework | Web Link to Source
California Consumer Privacy Act of 2018 | California Consumer Privacy Act (CCPA)
Eudralex Volume 4 Annex 11 – Computerized Systems | Eudralex Volume 4 Annex 11 – Computerized Systems
GAMP® 5 Guide: A Risk-Based Approach to Compliant GxP Computerized Systems | GAMP® 5
HIPAA – HITECH Title 45 C.F.R. § 164 | HIPAA – HITECH Title 45 C.F.R. § 164
ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements | ISO/IEC 27001:2013
ISO 27799:2016 Health informatics — Information security management in health using ISO/IEC 27002 | ISO 27799:2016
ISO/IEC 27002:2013 Information technology — Security techniques — Code of practice for information security controls | ISO/IEC 27002:2013
ISO/IEC 27017:2015 27002 for cloud services | ISO/IEC 27017:2015 27002 for cloud services
ISO/IEC 30111:2019 Information technology — Security techniques — Vulnerability handling processes | ISO/IEC 30111:2019
ISO 14971:2019 Medical devices — Application of risk management to medical devices | ISO 14971:2019 Medical devices — Application of risk management to medical devices
Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook (MITRE) | Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook
Premarket Management of Cybersecurity in Medical Devices | Premarket Management of Cybersecurity in Medical Devices
Postmarket Management of Cybersecurity in Medical Devices | Postmarket Management of Cybersecurity in Medical Devices
Title 21 CFR Part 820 QMS Requirements | 21 CFR Part 820 QMS Requirements
*An overview of the medical device industry – MedPAC | An overview of the medical device industry – MedPAC
*Cybersecurity of medical devices – Addressing patient safety and the security of patient health information | Cybersecurity of medical devices

IoT and California Consumer Privacy Act, CCPA

TITLE 1.81.26. Security of Connected Devices, a new law, was designed to protect the security of IoT devices and the information those devices hold.

  • The law can be enforced only by the attorney general, a city attorney, a county counsel, or a district attorney, and does not provide for any right of private action.
  • The law does not apply to connected devices already subject to federal security standards.

The CCPA became effective on January 1, 2020.

  • Officially called AB-375, CCPA is a bill that enhances privacy rights and consumer protection for residents of California. Signed into Law June 28, 2018, CCPA amends Part 4 of Division 3 of the California Civil Code.

July 9th 2020 Member Meeting

Please register for The Road to Zero-Trust: Past, Present, and Future: What is Zero Trust on Jul 9, 2020, 7:00 PM PDT at:
After registering, you will receive a confirmation email containing information about joining the webinar.

The Road to Zero-Trust: Past, Present, and Future: What is Zero Trust <Araali_ Deck for (ISC)2>

Organizations measure their application teams on deployment velocity, feature release velocity, and the performance of their apps. In today’s cloud-native world, app teams are building and iterating at lightning speed, churning out multiple features and releases a day. Application teams often feel dragged down by their security counterparts, and application security gets left behind. The disconnect between app and sec drives companies to focus more on detection and response, which is more manual and expensive than automated prevention. Even though teams spend more on security, breaches continue unabated.

Over the last couple of decades, analysts and the security community, focused on preventive security, concentrated on users and hardware devices (e.g., software-defined perimeter (SDP), Zero-Trust, and Privileged Access Management). These technologies deliver least-privilege access for users and their devices, but the apps running in data centers and the hybrid cloud were never covered. One of the key reasons is that users and devices are independent entities with identities that can be verified by 2FA, such as a fingerprint, SMS, etc. Apps don’t have 2FA.

Different companies took different paths to deliver zero-trust for apps through Big Data, ML, Network processors, FPGAs, etc. However, the promised land of Application Zero-Trust remained elusive. Even though enterprises know the least permissive privilege/zero trust is the right way to go, they struggle to adapt. The conflict is mainly centered around three key pillars – operation complexity, business disruption, and operational cost.

In this talk, Abhishek will cover some of these ideas to unpack the concepts in an easy-to-understand fashion. He will also share some key ideas you should keep in mind when thinking about protecting your custom apps running in your public and private clouds.

Abhishek Singh, CEO, Araali Networks

Abhishek was previously the Co-Founder/VP Engineering at Tetration Analytics where he led the initial team to build and scale a datacenter-scale platform to enable micro-segmentation and security in a Virtual Machine environment. Prior to Tetration, he held engineering leadership positions at Aruba, Cisco and Ericsson.

Abhishek has a Bachelor of Technology degree from the Indian Institute of Technology Kanpur and a Master’s degree from Johns Hopkins University (both in Computer Science).

June 11th 2020 Member Meeting

Registration for the event:

Registration for Atakama June 11 – REQUIRED

Thu, Jun 11, 2020 7:00 PM – 9:00 PM PDT

In case you missed it or want to re-watch the video, you can find an exclusive recording of the webinar at the link below:

Watch The Video Here

Topic: Data-Centric Security in an entirely Remote World

Atakama protects files using advanced threshold cryptography and by inextricably linking files stored in one location to more than one physical device.

This session introduces the founders speaking on the problems they found and solved. Attendees can get a free trial license and experience the Atakama approach to file level security as required on any type of device and under any permutation of requirements for rights management.

Learn more at Atakama’s recent press release

Meet Daniel H. Gallancy and Dimitri Nemirovsky from Atakama

Daniel H. Gallancy

CEO, Atakama, LinkedIn

200 Park Ave, 17th Floor, New York, NY 10166 – +1-212-273-9580

About Daniel:

Daniel H. Gallancy is the CEO and a founding member of Atakama, a NYC-based information security software company (see About Atakama below).

Mr. Gallancy has provided bitcoin and blockchain-related advisory services for private corporations, investment management firms, post-trade processing companies, central counterparties, and US State and Federal regulators.

Prior to founding Atakama, Mr. Gallancy spent ten years in the asset management industry. Mr. Gallancy was an investment professional at Beaconlight Capital and, before that, at Alson Capital Management. Mr. Gallancy’s areas of focus included semiconductor capital equipment, IT hardware, software, and telecommunications. Mr. Gallancy was responsible for corporate diligence, financial analysis, and investment decision-making.

Daniel is one of the co-founders of SolidX Management LLC, a company that has filed a registration statement with the Securities and Exchange Commission relating to the proposed launch of the VanEck SolidX Bitcoin Trust, which will seek to provide shareholders with exposure to the daily change in the U.S. dollar price of bitcoin. Bitcoin to be held by the VanEck SolidX Bitcoin Trust will carry insurance against theft, loss, and other adverse operational events.

Daniel was raised in Queens where he attended public school. He taught himself to program in C at age 10. Daniel graduated from Stuyvesant High School before attending the University of Pennsylvania where he earned a BA in Physics and a BSE in Electrical Engineering. During college, Daniel built a wireless, laser-based network communication link (back in the days before WiFi). He earned an MBA from Columbia University and is a CFA Charterholder.

How it Works – The Graphic (infographic)

Dimitri Nemirovsky

Co-founder & COO, Atakama, LinkedIn

About Dimitri: Dimitri is the Co-founder and COO of Atakama. Dimitri took his first coding classes in 8th grade. He holds BBA and MBA degrees from Baruch College and earned his JD from Brooklyn Law School. Prior to co-founding Atakama, Dimitri practiced regulatory and enforcement law at an international law firm, where he focused on the various technology, digital archive, and e-discovery regulations that developed during the 2000s.

About Atakama

Atakama Inc. is an information security software company that provides unparalleled data protection for businesses. By employing a file-by-file encryption design, Atakama eliminates the ability of attackers to directly profit from confidential data and substantially mitigates the damage of unpreventable attacks. Atakama’s encryption solution helps companies adhere to mandatory compliance regulations and, in the process, provides best-in-class protection for sensitive and non-public information. Atakama’s distributed key management protocols can be customized based on company or department needs, integrate seamlessly with existing cybersecurity stacks, and can be deployed within hours. It is, undeniably, a vast improvement over the status quo.

If you want to improve your security and better protect your data, we’re here to help you.

To learn more or to do business with Atakama, please contact us.
Specialties: encryption, cloud security, cybersecurity

Atakama will be offering a free user version of their software to attendees and will be showcasing a live demo of their revolutionary file encryption product, which is designed to protect companies from today’s emerging threats such as Maze attacks.


May 14th 2020 Member Meeting

Topic: IT Assurance Across System Boundaries

(Registration Below)

IT administrators and security experts face a daunting challenge in assuring information security and privacy across numerous interconnected systems, many of which they have no authority over. These integrated entities, such as vendor applications and industrial control systems, are housed both on-premises and in the cloud. In this presentation, David will outline the challenge of providing security assurance across system boundaries, show some examples of breaches across system boundaries, and explore risk management techniques for dealing with this seemingly intractable problem.

Speaker: David Trepp, M.S., Partner, IT Assurance

A technology entrepreneur since 1989, David has led over 1,300 comprehensive information security penetration test engagements for satisfied customers across all major industries throughout the United States and abroad. He has given dozens of presentations to audiences nationwide on a variety of information security topics. David, a US Army veteran, is founder and CEO of Info@Risk (now BPM), a leading comprehensive penetration test firm. David has worked in information security with banking, law enforcement, government, healthcare, utilities, and commercial organizations since 1998. When not at work testing security controls, David exercises his risk management skills as an avid rock climber and long-distance cyclist.

IT Assurance Across System Boundaries 

Thu, May 14, 2020, 7:00 PM – 9:00 PM PDT

Add to Calendar

1. Click the link to join the webinar at the specified time and date:

Join Webinar

2. Choose one of the following audio options:

When the webinar begins, you will be connected to audio using your computer’s microphone and speakers (VoIP). A headset is recommended.


If you prefer to use your phone, you must select “Use Telephone” after joining the webinar and call in using the numbers below.
United States: +1 (914) 614-3221
Access Code: 660-163-974
Audio PIN: Shown after joining the webinar

About BPM: Our Member Meeting Sponsor!

The BPM Information Security Assessment team (formerly Info@Risk) has worked with all types of organizations throughout the United States. A large percentage of the Information Security Assessment team’s clients are repeat customers, with many of our relationships stretching back nearly to our beginning in 1998. We attribute these enduring relationships to three facts:

  • our clients value the depth and comprehensive quality of our work
  • our clients recognize that to truly manage risk, an unbiased assessment and remediation plan are a priority when choosing a vendor
  • our clients seek a partnership with their impartial assessment vendor to guide them in making informed, risk-based decisions for their organization

BPM’s Information Security Assessment team provides thorough and comprehensive information security assessments so that clients can make informed, confident, risk-based decisions best suited to their organization. We are proud of the work we have done and are confident our references will support this pride.

Our assessment-focused services include:

  • Comprehensive Penetration Test
  • Targeted Application Penetration Test: Web/Mobile/Client-Server
  • Targeted Wireless Penetration Test
  • Stand-Alone Penetration Test, e.g. email Test, Social Engineering Test, Physical Security Test, etc.
  • Password Audit
  • Firewall Ruleset Review
  • Configuration Review
  • Vulnerability Assessment
  • Infosec Program Review
  • IT General Controls Audit
  • Infosec Risk Assessment
  • Infosec Training
  • Social Engineering Awareness
  • Leadership/Governance

Canceled-April 9th 2020 Member Meeting

Canceled – Postponed.

Due to the impacts of the COVID-19 outbreak on our board and volunteers, we are unable to go forward with chapter activity.

Please be on the lookout for a series of online meetings.

We look forward to inviting Rafae Bhatti to another event.

Cybersecurity and CCPA, Looking at Legal Implications affecting Cyberthreat management and response

Meet Rafae Bhatti, Data protection leader and licensed CA attorney

Location Online – Link to be emailed to attendees.

February 13th 2020 Member Meeting

Location: Oracle 5805 Owens Dr, Pleasanton, CA 94588, Time: 7:00 to 9:00 PM

7:00 PM Chapter Announcements, pizza

Agenda: Announcing the results of the annual election.

7:15 PM Presentation

Title: Cyber-laundering

Meet Faranak Firozan, Security Incident Response | Investigation | Scrum | Post Mortem | SQL | Anti Money Laundering | KYC | Internal Abuse | CAMS | GISF

Abstract: Among the different types of financial crimes facilitated by the Internet, money laundering stands out due to the diverse methods criminals use to legitimize ill-gotten profits. The criminal practice of money laundering in cyberspace through online transactions has been termed cyber-laundering. One of the most important goals for launderers is to avoid detection by law enforcement, and the Internet has opened a large window of opportunity for them. In this talk, we review a couple of malware-via-email attack case studies, statistics on the sources of revenue for cybercriminals, and industry defenses against the most damaging

Learning Objectives:

  • How criminals are making their money (through which cybercrime type),
  • How much they are making, and what are the consequences to organizations,
  • How do we stop this by discussing
    • Industry defenses against Business Email Compromise
    • Defenses against Data Breaches
    • Defenses against Ransomware

With roughly 44% of the $1.5 trillion in cybercrime funds coming from activity that is preventable by a good security posture, cybersecurity is necessary not only to protect businesses but also to keep money out of the hands of criminals. Let’s learn from current trends and prevent this money from being stolen.

More from Faranak Firozan

January 9th 2020 Chapter Meeting

Location: Oracle 5805 Owens Dr, Pleasanton, CA 94588, Time: 7:00 to 9:00 PM

7:00 PM Chapter Announcements, Sponsor Pizza dinner, care of Maze and Associates

Agenda: Chapter Secretary to Announce Intention to open Chapter positions for Election. Asking for nominations to existing and new positions.

Topic: Financial Data in the Cloud – Donald E. Hester

Author and Presenter known for his many contributions including BrightTALK channel and YouTube Channel

As Director of Information Systems Audit at Maze Associates, Don coordinates and performs approximately 75–100 assessments and audits per year, some in conjunction with financial audits, covering information systems security, network vulnerability scanning, policy and procedures, incident response, business continuity, disaster recovery planning, compliance, physical security, and cloud services. He has developed audit plans, checklists and guidelines, set strategy, and produced alternative attestation reports. He developed a ransomware risk assessment process for local governments and has acted as an internal auditor for clients on security control self-assessments, risk assessments, and PCI compliance.

Please RSVP to the President & Conferences Co-Chair, (ISC)2 East Bay.

Save to your calendar

Thank you to our sponsors this evening: Oracle as our location host, and Maze Associates for our supper and the presenter.

About Maze Associates: We are a leading Northern California Accounting Firm specializing in Municipal & Nonprofit Audit, Tax for individuals and all types of entities, Information System Audits, Security Reviews, as well as PCI Scans and certified training. We can help you with implementing new GASB regulations, Tax Planning, or meeting FISMA and NIST compliance guidelines for your systems. Call Us Today!


October 10th Chapter Meeting

Venue is Oracle 5815 Owens Drive Pleasanton, CA 94588

Please arrive at 6:45 – Registration is required – email AND to ensure we include you in the pizza count and have your name at the door to let you in.

Running a Successful Crowdsourced Security Program: Tips on How to Not Fail

Scaling application and infrastructure security has been, and continues to be, a problem most organizations face but often don’t have the resources or bandwidth to tackle effectively. This is a fundamentally human problem. There are plenty of scanners, but we still need people to validate those results and to find the issues that scanners aren’t capable of catching, as well as to identify any exposed attack surface that the automated tools aren’t even covering. Enter the idea of the “crowd.” While crowdsourced security through bug bounties is not a new concept, adoption has only recently begun to pick up, which is surprising considering the tremendous ROI and value to be gained from the crowd-at-large with relatively little effort.

So in what ways can an organization leverage the power of the crowd (which is just a fancy word for a large contingent of humans with highly diverse and creative security skill sets)? And more importantly, how can one do so successfully? That’s what I aim to cover with this presentation. As someone who has been directly involved in the creation, management, and growth of hundreds of crowdsourced security programs, I bring both a ground-floor and a 30,000-foot view of the current landscape of crowdsourced security. This talk aims to help organizations and security teams: a) realize the value and varying ways they can leverage the crowd (crowdsourcing security has the potential to go well beyond just bug bounties); and b) provide practical tips for running a successful program, as well as how to grow your program over time. I see a lot of badly managed or under-utilized programs in the wild, and want to help educate the world in terms of what can be accomplished through the power of crowdsourced security (hint: it’s a lot), and how to run a more effective program.

Bugcrowd, Inc.

Bugcrowd is the #1 crowdsourced security company. More Fortune 500 organizations trust Bugcrowd to manage their Bug Bounty, Vulnerability Disclosure, and Next Gen Pen Test programs. Bugcrowd’s award-winning platform combines actionable, contextual intelligence with the skill and experience of the world’s most elite hackers to help leading organizations identify and fix vulnerabilities, protect customers, and make the digitally connected world a safer place. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners.

Grant McCracken

Currently the Director of Solutions at Bugcrowd, Grant has extensive experience in the crowdsourced security space, having been directly involved with the creation and maintenance of hundreds of crowdsourced security programs over the last few years. An OSCP with a background in application security, Grant understands the hacker side of security, as well as the necessary logistical components and considerations to take into account when running and managing successful crowdsourced security programs.

September 12th 2019 Chapter Meeting

Venue: Saba Software (Mother Teresa Conference Room), 2nd floor
4120 Dublin Blvd, Dublin, CA

Please arrive between 6:45-7:00 PM

7:00 PM – Pizza and chapter business

Presenting our 2019 Annual Scholarship Award to James Logan High School Robotics Club


Session 1 (7:15 – 8:15): API Security: When OAuth Is Not Enough
Description: Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. In this session, we’ll outline a set of examples where security standards work together in addressing requirements that are difficult or impossible to meet by using OAuth or OIDC alone.

Learn how you secure your APIs and Microservices using Externalized Dynamic Authorization.

Key agenda items

  • Covering API security basics
  • Avoiding bad security practices
  • Overcoming OAuth limitations
  • Managing authorization as a microservice

Thanks for sharing the ISC2 EB chapter meeting presentation and the links to more information.


About our Speaker: 

Jonas Iggbom, the VP of Sales Engineering at Axiomatics, has over 20 years of experience in product management and technical sales in endpoint security and access control. His expertise lies in encryption technologies, keys, certificates, and SSH, as well as access control solutions for privileged and end user accounts, databases, and applications.

Prior to Axiomatics, Jonas worked as the Director of Product Management at Fox Technologies and as a Product Manager at Check Point Software Technologies, both in California. He also held the position of Senior Sales Engineer/Product Manager at Pointsec Mobile Technologies in Chicago and Sales Engineer at their office in Stockholm, Sweden.

Jonas earned his bachelor’s degree in computer science from the Royal Institute of Technology in Kista, Sweden. Along with his expertise in encryption technologies and access control solutions, Jonas is also knowledgeable in intrusion detection, anti-virus, data leakage prevention, content control, and client virtualization.

Thanks to our topic sponsor: Axiomatics authorization solutions are utilized around the world to share sensitive data securely, meet compliance requirements and minimize data fraud. From our offices in Chicago and Stockholm we serve a global customer base within finance, healthcare, insurance, manufacturing, media, pharma, software/high tech and the public sector. Our dynamic authorization suite for applications, databases, Big Data, APIs and microservices enables a policy-based approach to access control to protect the most critical assets, on premises or in the cloud. Our product suite is built on Attribute Based Access Control (ABAC) in accordance with National Institute of Standards and Technology (NIST) guidelines. For the US Federal Government, Axiomatics is a member of the CDM program and actively participates in the GSA schedule. Website

Session 2 (8:15 – 8:45): Leon Jiang sharing his analysis of the Capital One Data Breach
Read more: Lessons Learned from Capital One Breach & More

June 13th 2019 Chapter Meeting

Location: Oracle 5805 Owens Dr, Pleasanton, CA 94588

Time: 7:00 to 9:00 PM


7:00 PM Chapter Announcements, pizza

7:10 PM Meet Garima Gupta, representing James Logan High School in Union City, presenting the club’s interest in earning scholarships, finding internships, and engaging in activities that further their path to careers in engineering and technology.

7:25 – 7:30 PM Plan of Action: how ISC2 East Bay organizes for local schools, and mechanisms to work in a special committee with the Chapter Directors for Education and for CyberSecurity Awareness and Training.

7:30 – 8:30 PM Speaker

8:30 – 9:00 PM Q&A and Networking

About our High School Guests: The James Logan Robotics team is a club at James Logan High School located in Union City. The club meets weekly and invites all high school students to learn more about the STEM field and dive into engineering concepts and coding.

The club’s mission is to help others find their love for STEM, and it offers guidance and direction to those pursuing a career in this field. ISC2 East Bay invites JL Robotics to engage with us in finding mentors who will support them in their pursuit of activities in the field of engineering and technology.

Speaker Topic: The MITRE ATT&CK Framework

The MITRE ATT&CK framework is a very effective tool for “adversary emulation”, cataloging how adversaries behave, what they’re trying to do, and the techniques they use to accomplish their goals. Moreover, the framework aims to provide a common language and vocabulary for practitioners, vendors, and all parties working to understand common threat actors and techniques.

In November 2018, MITRE evaluated a subset of techniques in an open-test environment, working with vendors to analyze their detection capabilities against these common techniques. With the results of this first evaluation now published, many are trying to make sense of results to understand the efficacy of different solutions in the marketplace today.

Matt Bouis, Senior Sales Engineer at Cybereason, will boil down the complexity of the MITRE ATT&CK framework so your organization can understand:

  • How to adapt the framework to your company’s environment and needs in order to get the most utility out of it
  • What different detection categories mean and how to interpret the results of ATT&CK Framework evaluations
  • How Cybereason allows customers to search and understand their environment based on the ATT&CK Framework

Matt Bouis, Sr. Engineer in Cybersecurity data analytics.

About Cybereason:

Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, managed monitoring and IR services.
Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries.
The Cybereason platform is powered by a custom-built in-memory graph, the only truly automated hunting engine anywhere. It detects behavioral patterns across every endpoint and surfaces malicious operations in an exceptionally user-friendly interface.
Cybereason is privately held and headquartered in Boston with offices in London, Tel Aviv, and Tokyo.

Kindly confirm your attendance for the meeting by June 12th, 2019, along with your preference of pizza (Veg/Non-Veg).

We need to provide the attendee list to our host for badges.

To RSVP please send your name, *ISC2 ID  and the subject line “attending June 13th 2019 meeting” to, and

Oracle 5805 Owens Dr, Pleasanton, CA 94588

Look for the (ISC)2 East Bay Meeting Sign pointing to the entrance of 5805. We meet just inside the main lobby.

*If you are not a member of ISC2 or ISC2 East Bay Chapter, please complete the membership application form and send the application with your notice of intent to attend.  Membership is still free, but we do need to know who you are.

May 9th 2019 Chapter Meeting

ATTENTION: the date was wrong – the meeting is on the 2nd Thursday, May 9th.

Location change – 6101 Bollinger Canyon Rd, San Ramon, CA 94583, Room BR1X-1150


Why CISOs Fail, in the words of the author, Barak Engel

Information security is now a really big deal, yet we keep screwing it up. Big breaches are in the news every day, and they are only the tip of the iceberg. Security leaders average less than two years in tenure, and job satisfaction – their own, and others’ of their performance – is lower than that of watching paint dry. Fingers go ablamin’, but in security we just end up pointing them elsewhere.

Why? and more importantly, what can we do about it?

Claimed in its origin by many cultures, the ancient saying “The Fish Stinks from the Head” applies to the emerging discipline of information security, just as much as it does to organizational rot and mis-development. Providing a useful guide for an irreverent look at ourselves, the speaker in this open-to-the-audience talk will touch on both the “why” and the “what to do” parts, while doing his best to make you laugh.

Real-life experiences, both amusing and embarrassing, will be shared liberally.

Speaker Bio: Barak Engel is known for having come up with the concept of “virtual CISO” back when security was a four-letter word that no one could spell. He stubbornly insisted, and ultimately developed a consulting practice around it. Almost two decades later his company, EAmmune, develops and manages security programs for organizations, large and small, across all industries. Barak himself has served as CISO for many of them (e.g. MuleSoft), and often for several at once.

In another clear mark of insanity, he decided to write a book about security management while still actively practicing, rather than from the comfort and safety of retirement. The 2017 book, Why CISOs Fail, keeps getting incredible reviews from those who stumble upon it, delighting Barak every time it happens. It also serves as the inspiration for this talk.

Chevron World Headquarters

6101 Bollinger Canyon Rd, San Ramon, CA 94583 – Room BR1X-1150
Time: 7:00 to 9:00 PM
RSVP by replying to the member email by 5/8/2019, or send your ISC2 ID with the subject line “Attending 5/14/2019 member meeting” to the Director of Programs.
If you are lost or need directions, call (925) 842-1000 and ask for the main security reception. Our hosts at Chevron are Ana Colocho and Frank Fabsits; you can also ask for Robin Basham.
Parking: Park in the Visitor Lot across the Loop Road (right turn at the first stop sign, then your first right turn into the parking lot; walk across the road to the building behind the flagpoles and fountain). The meeting room is BEFORE the Security Desk, just inside the double glass doors on the right.


(ISC)2 East Bay Chapter