ISSA – ISACA – ISC2 SF and SV Announcments

View this email in your browser

In this issue…

Monthly Meeting: Online with Pre-registration

MAY VIRTUAL CHAPTER MEETING

In accordance with the recent shift in reality, our May meeting will be in Virtual Reality. I am excited to announce we will have a full on virtual cybersecurity escape room challenge hosted by this month’s meeting sponsor livingsecurity.

Registration is limited. As before, I ask that you do NOT register if you are not committed to attending as that would deprive someone else the opportunity.

REGISTRATION LINK: https://zoom.us/meeting/register/tJwqdeivrD4vH92nXZy0D2X_agxPBp-rpfm3

Privacy Policy: Living Security takes privacy seriously. We collect your contact information for our internal records to track your experience with our products, and will never sell or distribute your information without your consent.

AGENDA: Tuesday, May 12, 2020

6:00PM – 6:15PM: Logon to the Escape Room

6:15PM – 6:30PM: Chapter Business – President

6:30PM-8PM: livingsecurity Cybersecurity Escape Room Challenge

 

MORE INFORMATION:

The Cyber Escape platform counters the culture of checkbox compliance security awareness training that simply tells users what behaviors to discontinue. Replacing that approach with behavioral science-backed gamification and immersive learning, the Cyber Escape platform increases training participation and retention which ultimately results in behavior change. “A solution that delivers gamification and competition is a huge factor because competition is challenge and that challenge drives participation and retention,” said Walter. “With Cyber Escape, when employees started to solve the puzzles and overcome the challenge, it built their self-confidence and the idea that I can do this, not just in this platform but in real life, which reinforces the learning and confidence to know what to do in real-life situations.”

LINKS:

Case Study

video trailer: https://vimeo.com/407179374

Cancellation Policy: If you cannot attend please cancel AT LEAST 24 hours in advance. NO-SHOWS may be banned from future limited events for the rest of the year. That includes folks who cancel at the last minute.

 

CPEs must be self-submitted for this virtual meeting

We can’t verify your attendance at an online meeting. You will have to self-submit your CPEs to (ISC)² at https://cpe.isc2.org/ . You can claim up to 2 Group A CPEs for this meeting, 1 CPE per hour attended rounded down to the nearest 0.25 hour increment. See the CPE Handbook for the full rules. Be honest about how much time you attended.

Grab a screenshot during the meeting to include as proof of your attendance. You can attach the image to the CPE submission.

(ISC)² also has online CPE opportunities which have solved the problem of accounting for minimum viewing time and automatically submitting them on your behalf. See https://www.isc2.org/Member-Resources/CPE-Opportunities .

Invitation to speak

Do you have a cybersecurity-related project you’d like to share with your fellow (ISC)² Silicon Valley Chapter members?

We are encouraging project presentations from our fellow chapter members. What cybersecurity-related project would you like to tell us about? Presentations can be full or half meeting in length. It can only happen with your help. Let us know if you’d like to speak! You self-submit CPEs for your preparation time. See the (ISC)² CPE Handbook (PDF link) for specific rules.

This adds to the topic mix as we also continue seeking corporate presentations on relevant cybersecurity topics.

Pandemic moves our meetings to virtual

As detailed above, (ISC)² Silicon Valley Chapter’s May meeting will be held online via Zoom.us video conferencing.

The COVID-19 pandemic continues. Santa Clara County remains under a shelter-in-place order since March 17. California has been under a stay-at-home order since March 20. In March we had to change our meeting venue and limit our attendance. In April we cancelled our monthly meeting.

The interruption to the chapter’s in-person meetings will be temporary. Historically epidemics follow a cycle of getting worse before getting better. Our decision when to resume in-person meetings in upcoming months will depend on lifting of Santa Clara County and State of California orders. Expect some amount of social distancing measures to continue until there is a vaccine for COVID-19.

Even when in-person meetings resume, please stay home if you or members of your household have flu symptoms.

OWASP – TOP 10 API – ONLINE

Details

This meeting will take place ONLINE
https://phack.my.webex.com/meet/phack

Abstract:

A foundational element of innovation in today’s app-driven world is the API. From banks, retail and transportation to IoT, autonomous vehicles and smart cities, APIs are a critical part of modern mobile, SaaS and web applications and can be found in customer-facing, partner-facing, and internal applications.

APIs expose application logic and sensitive data and become a target for attackers. API Security focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks. APIs represent a significantly different set of threats, attack vectors, and security best practices.

In this session we’ll discuss:

What makes API Security different from web application security

The top 10 API security vulnerabilities

Mitigation strategies with examples

Tips to developers to secure API

Speaker Bio :
Kavitha Venkataswamy is leading Application Security efforts at MacysTech focused on SSDLC process, threat modeling, security awareness and training, tools automation and security testing efforts. Having a strong developer background makes her to adopt and focus on empathy when working in security, believing to grow stronger teams and protect our companies and communities. OWASP member and volunteer/Speaker in community events advocating diversity in cyber industry.

Pacific Hackers Meetup
Pacific Hackers Meetup

Public group

Online Event

ISACA Silicon Valley  Cybersecurity  Fundamentals  Class

ISACA-SV is offering a Cybersecurity Fundamentals class this Spring open to everyone wanting to learn a little about Cybersecurity.  No prior knowledge is needed.  Some concepts will be challenging to a student without any prior background.  First, we’ll start with the principles of data and technology that frame and define cybersecurity. You will gain insight into the importance of cybersecurity and the role of cybersecurity professionals. We will explore cybersecurity principles, security architecture, risk management, attacks, incidents and emerging IT and IS technologies.

At the end of the course, you will be able to:

  • Explain the core information assurance (IA) principles
  • Identify the key components of cybersecurity network architecture
  • Apply cybersecurity architecture principles
  • Describe risk management processes and practices
  • Distinguish system and application security threats and vulnerabilities
  • Describe different classes of attacks
  • Describe current attacks and methods to protect your computer, your smartphone and your home from cyber attacks

This class covers the material needed to pass the ISACA Cybersecurity Fundamentals Certification exam.

The class will be held May 16 and 17 (Saturday and Sunday) from 8:10 am to 5:00 pm

Meal selection: (www.specialtys.com) (pick one for each day)

  • Sandwich: Roasted Turkey
  • Sandwich: Napa Waldorf Chicken Salad
  • Sandwich: Mediterranean
  • Sandwich: Vegetarian
  • Salad: Dawn’s Vegan

Mid-morning and mid-afternoon snacks will be offered

Preparation before class:  none required.  Feel free to bring your laptop and smartphone

Location:  Xilinx

2100 Logic Way, Building 4 (first building on your left),  San Jose, Ca

Cost:

  • ISACA member $70
  • Students $50
  • Non-ISACA member $100

Additional cost:   Printed handout $30


ISACA Silicon Valley

Is offering Exam Review classes this Spring for CISA, CISM, CRISC and CGEIT certifications

CISA, CISM and CRISC Classes will be held May 2 and 3 (Saturday and Sunday) from 8:10 am to 5:00 pm

CGEIT Classes will be held May 2, 3 (Saturday and Sunday) and May 16 from 8:10 am to 5:00 pm

Classes will include a review of all material and a practice exam

Meal selection: (www.specialtys.com) (pick one for each day)

  • Sandwich: Roasted Turkey
  • Sandwich: Napa Waldorf Chicken Salad
  • Sandwich: Mediterranean
  • Sandwich: Vegetarian
  • Salad: Dawn’s Vegan

Mid-morning and mid-afternoon snacks will be offered

Preparation before class:  These classes WILL NOT teach you the material, but are intended to be a review of the information you already know, as well as to build your test-taking skills in preparation for the ISACA exam.  You should acquire and read (before class) the ISACA Review Guide (see http://www.isaca.org/resources)  for your specific exam.

Location:  Xilinx

2100 Logic Way, Building 4 (first building on your left)

San Jose, Ca

Cost:

  • ISACA member $75
  • Students $50
  • Non-ISACA member $100

Additional cost:  Printed handout $30


Silicon Valley Chapter Meeting October 15th, 6-8:30 PM.

When Tuesday, October 15, 2019 from 6:00 PM to 8:30 PM PDT Where McAfee – 2821 Mission College Blvd, Santa Clara, CA Dinner this month will feature Ethopian food and we’re back at our normal location at McAfee!. Early registrants get their $5 entry fee back when they attend. Speaker Summary There are a million people saying that blockchain will solve all trust problems, but recently IOT has taken over our world and is expected to see hockey-stick like growth in the number of devices in the coming years. Can these technologies work together? Some of the best-expected benefits of IOT are realized when you combine with a trusted repository (like blockchain). Will the combination solve our problems, or just create more issues? What risks will businesses take? What are the advantages for your company? We’ll examine what’s happened over the last couple of years, some of the high-profile media cases and dive into lessons learned from what we’ve seen within our world as security experts on both these topics.

No alternative text description for this image

 

270981 ISACA Fall Conference Brochure 2019

SF ISACA CHAPTER – ANNUAL FALL CONFERENCE – OCT 28-30

Starts:  Oct 28, 2019 8:00 AM (PT)
Ends:  Oct 30, 2019 5:00 PM (PT)
Since its start in 2001, the SF ISACA Fall Conference continues to be the premier education event for information technology audit, security, governance, risk and compliance professionals in Northern California. Last year’s event drew hundreds of attendees and we are expecting that number to grow this year. Priced at roughly 1/3 of what many similar conferences charge, the SF ISACA Fall Conference represents Northern California’s best educational value for IT audit, security, risk, and compliance professionals. The SF ISACA Fall conference features five tracks packed with top flight speakers and cutting edge topics.

LOCATION

Hotel Nikko
222 Mason Street
San Francisco, CA 94102
ISC2 East Bay welcomes members from Silicon Valley ISSA Chapter

The Information Systems Security Association (ISSA) is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.

The Silicon Valley ISSA chapter is comprised of over 250 Silicon Valley Information Security Staff, Consultants, Managers, Executives, and other business professionals. Our members come from Small Businesses and Fortune 100 companies. Our demographics are diverse, yet we share the common thread that we understand the criticality of Information Security as an enabler of today’s key business objectives and the improvements that will come tomorrow.

(ISC)2 East Bay Chapter