Matt Bouis, Sr. Engineer in Cybersecurity data analytics.

About Cybereason:

Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, managed monitoring and IR services.
Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries.
The Cybereason platform is powered by a custom-built in-memory graph, the only truly automated hunting engine anywhere. It detects behavioral patterns across every endpoint and surfaces malicious operations in an exceptionally user-friendly interface.
Cybereason is privately held and headquartered in Boston with offices in London, Tel Aviv, and Tokyo.

Location TBD

Either Blackhawk, Saba, Oracle or Chevron. Check back soon.

Why CISO’s Fail, in the words of the author, Barak Engel

Information security is now a really big deal, yet we keep screwing it up. Big breaches are in the news every day, and they are only the tip of the iceberg. Security leaders average less than two years in tenure, and job satisfaction – their own, and others’ of their performance – is lower than that of watching paint dry. Fingers go ablamin’, but in security we just end up pointing them elsewhere.

Why? and more importantly, what can we do about it?

Claimed in its origin by many cultures, the ancient saying “The Fish Stinks from the Head” applies to the emerging discipline of information security, just as much as it does to organizational rot and mis-development. Providing a useful guide for an irreverent look at ourselves, the speaker in this open-to-the-audience talk will touch on both the “why” and the “what to do” parts, while doing his best to make you laugh.

Real-life experiences, both amusing and embarrassing, will be shared liberally.

Speaker Bio: Barak Engel is known for having come up with the concept of “virtual CISO” back when security was a four-letter word that no one could spell. He stubbornly insisted, and ultimately developed a consulting practice around it. Almost two decades later his company, EAmmune, develops and manages security programs for organizations, large and small, across all industries. Barak himself has served as CISO for many of them (e.g. MuleSoft), and often for several at once.

In another clear mark of insanity, he decided to write a book about security management while still actively practicing, rather than from the comfort and safety of retirement. The 2017 book, Why CISOs Fail, keeps getting incredible reviews from those who stumble upon it, delighting Barak every time it happens. It also serves as the inspiration for this talk.

Industrial Control System Cyber Security Design and Regulation

Presented by Michael Cole, CISSP, CCNP – Control System Cybersecurity Analyst – Turlock Irrigation District

In the previous UTC Journal, Jon Stizel described how Ameren is using the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) to improve the maturity of their cybersecurity program with metrics and reporting.  Turlock Irrigation District (TID) has also used the NIST CSF, Energy Sector Cybersecurity Framework Implementation Guidance (ESCFIG) and the Electric Subsector Cybersecurity Capability Maturity Model (ES-C2M2) for its NERC CIP program foundation…

Michael Cole is a Control System Cybersecurity Analyst for the Turlock Irrigation District, where he provides expertise on NERC CIP Standards and Program design. Turlock Irrigation District is a Central California public utility that provides water for irrigation and power to customers in its service area. Michael has a Bachelor of Science in Computer Science, is a Certified Information Systems Security Professional (CISSP), and a Cisco Certified Network Professional (CCNP). Michael has focused on building a NERC CIP Documentation Architecture that is based on the NIST Cyber Security Framework (CSF) and Electric Subsector Cybersecurity Maturity Model (ES-C2M2). The architecture uses the ES-C2M2 cybersecurity domains as an abstraction for Turlock Irrigation District’s NERC CIP Program.

Venue: Optiv at 3875 Hopyard Rd., Pleasanton, CA 94588

Kindly confirm your attendance for the meeting by January 9th, 2019, along with your preference of pizza (Veg/Non-Veg) so that we place orders accordingly.

We need to provide the attendee list to our host for badges.

To RSVP please send your name, *ISC2 ID  and the subject line “attending January meeting” to conferencedirector@isc2-eastbay-chapter.org.

*If you are not a member of ISC2 or ISC2 East Bay Chapter, please complete the membership application form and send the application with your notice of intent to attend.  Membership is still free, but we do need to know who you are.

REMINDER: Arrive on time or there will not be anyone to open the door.  We begin door duty at 6:30 and end at 7:00 PM – NO EXCEPTIONS

Take the elevators to the second floor, take a left, we are all the way at the end of the hallway.

Venue: Chevron World Headquarters

Dinner

RSVP

RSVP to conferencedirector@isc2-eastbay-chapter.org with the subject “Attending October 11th at Chevron building A”. Include your name and ISC2 ID. If you don’t have an ISC2 ID and are not yet a member of our chapter, include the membership application with your email and copy membership@isc2-eastbay-chapter.org

We will be meeting in Building A in room 1020., 6001 Bollinger Canyon Rd, San Ramon, CA 94583. Park in the visitor parking lot and proceed to BLDG A.

Don’t get lost

To RSVP please send your name, *ISC2 ID  and the subject line “attending September meeting” to conferencedirector@isc2-eastbay-chapter.org. If you have not arrived by 7:00 PM you will not be able to enter the Venue. Please arrive between 6:45 and 7:00 PM as doors lock and all attendees will want to go upstairs to the meeting room. (more below)

Topic 1:  Security Architecture in a Hybrid state

Speaker Istvan Berko – Security Sales Consultant, PNW, GovEd & Globals

In the past, we have aligned our security architecture through our governed controls and the applicability of these controls to our environments. As the legacy IT architecture is morphing into business-centric functions, the underlying infrastructure and data architecture is changing at pace.  This is resulting in a need to shift our information security perspective and the acceptable residual risk. This talk will discuss the need to adapt and consider some of these newer attack vectors and risks.

• Operational Cloud security controls – New privileged provided to applications from an abstracted privilege management platform
• Controls applicability to SaaS platforms – Do we introduce legacy security to hosted services?
• Network and segmentation architecture – What works and what doesn’t
• DevSecOps and CD/CI and how we enable an SDLC approach to business lead rapid deployment.

Dimension Data – http://www.dimensiondata.com/en-US/Solutions/Security

Mini Topic : Why IPv6 and IOT is the “Price of Admission” our November 9th Conference

Speakers: Robin Basham, Conference Director

Venue: Optiv at 3875 Hopyard Rd., Pleasanton, CA 94588

Kindly confirm your attendance for the meeting by September 12th, 2018, along with your preference of pizza (Veg/Non-Veg) so that we place orders accordingly.

We need to provide the attendee list to our host for badges.

To RSVP please send your name, *ISC2 ID  and the subject line “attending September meeting” to conferencedirector@isc2-eastbay-chapter.org.

*If you are not a member of ISC2 or ISC2 East Bay Chapter, please complete membership application form and send the application with your notice of intent to attend.  Membership is still free, but we do need to know who you are.

REMINDER: Arrive on time or there will not be anyone to open the door. We begin door duty at 6:30 and end at 7:00 PM.

End Point Security Training Day

Odds Are You Need More Skills than Luck

Speakers and Topics are under review.  Please reach out to  Conference Director  Robin Basham,  Director Cybersecurity Awareness Krishnan Thiruvengadam, or Director Education & Career Development Jing Zhang-Lee

Read More

ISSA and ISACA members are welcome to participate as long as seats are available.

Training day is limited to the first 50 students.  Sessions run 90 minutes.  Please reach out if you are interested in being an instructor.

9 AM to 4 PM – 6 CPE

Exfiltrating Data through IoT

“Exfiltrating data through the Internet of Things (IoT) provide insights based on research/analysis of data exfiltration vulnerabilities found in IoT protocols (i.e. SSDP, P25, Zigbee, Z-Wave, Wi-Fi, uPnP). With an eye toward mitigating weaknesses in current protocols, this talk addresses future protocol designs to eliminate those weaknesses.  This discussion will delve into the details and demo data exfiltration using IoT protocols. The application of this knowledge will allow you to assess and mitigate these risks as you integrate IoT technologies into your production systems, as well as making informed decisions regarding IoT device and protocol selection.

Garry Drummond, CEO & Founder, 802 Secure Mr. Drummond is a Wartime CEO. From his humble beginnings in Pleasanton, California, he boot-strapped his start-up company, 802 Secure Inc. from his garage. Mr. Drummond has conceptualized, designed and delivered cybersecurity products for both Critical Infrastructures, Enterprise and Government clients around the world. Mr. Drummond along with his few but loyal engineering team landed venture capital in November 2016 to expand the team and fulfill orders. 802 Secure is developing technology for Securing the Internet of Things (IoT), combining Software Defined Radios with Big Data Analytics. Mr. Drummond is a Certified Information System Security Professional (CISSP) and is passionate about wireless cybersecurity. With the recent explosion of Internet of Things, (IoT) device enablement as well as mobile adoption – wireless has now become the easiest way to back-door the wired-side of the network. Wireless technologies do not follow the traditional guidelines of security and new methodologies required to secure digital assets. Only through new thought leadership and innovation using software-defined- radios with big data analytics can these new broader spectrum attack vectors be identified.

802 Secure was awarded Silicon Valley Start-up of the Year in April 2015 and Silicon Valley Company of the Year May 2016. Most recently, in 2017, Mr. Drummond was awarded Most Innovative CEO of the Year.802 Secures products are sold through 5 of the most influential technology resellers in the US.

Aaron Davidson, Solutions Architect, 802 Secure Mr. Davidson is 802 Secure’s Solution Architect working with clients in understanding their issue(s) and providing solutions in meeting their security needs. His experiences stretch from technical support, system admin, network engineering & architecture, quality assurance, security engineering, sales engineering and personnel management. His technical sales skills and bonding with deeply technical individuals as well as creating relationships with management, senior executives, VP and C level have provided effective solutions in meeting the demands of their industry segments.

About 802 Secure:

802 Secure is developing signal intelligent technology for securing the Internet of Things; detecting and assessing new wireless risks across the broader RF spectrum using software defined radios and big data analytics. 802 Secure has developed a leading world-class product, AirShield, to monitor IoT assets, identify risks and threats, and ensure performance and reliability 24×7 of the IoT environment. (www.802secure.com)

Location: Blackhawk Network, 6220 Stoneridge Mall Rd, Pleasanton, CA 94588 – 7 PM

Privacy by Design – Why It Can’t Wait!

Here are the slides from the presentation: Privacy by Design_ISC2 EB Chapter Meeting 5.10.18

As the U.S. and the rest of the global community continue to rethink what individual privacy entails, and as “big data” is ingested into machine learning/AI, there will continue to be uncertainty of what the future of privacy will look like. This, coupled with news about mass surveillance, user behavior tracking, and targeted advertising have caused developers to take a more defensive approach when designing new services and products. Implementing Privacy by Design (PbD) can help protect organizations in the long run by applying the principles to their development and design activities that enable privacy by default.

Attendees will learn:

• What are the principles of Privacy by Design (PbD)
• Why they are important
• Tips for operationalizing PbD

Speaker Information:

Orus Dearman, CISSP, CISA ,Managing Director, Cyber Risk Advisory, P: (415) 318-2240, E:  orus.dearman@us.gt.com

Orus provides technology and advisory services to clients in the technology, financial services, and federal industries. He has extensive experience leading cyber risk projects in accordance with the NIST cybersecurity framework, Generally Accepted Privacy Principals (GAPP), FISMA, and FedRAMP guidelines within the United States and globally.  He also specializes in physical and logical vulnerability assessments. Orus works with companies enabling them to implement cybersecurity and privacy frameworks such as the NIST Cybersecurity Framework, GAPP, FISMA/FedRAMP, ISO 27001, and the Trust Services Principles.  He also leads the firm’s Federal Risk and Authorization Management Program (FedRAMP) practice nationally. He has extensive experience providing technical advisory services for clients within the technology, financial services, and federal industries.

Orus is a Certified Information System Security Professional (CISSP), and a Certified Information Security Auditor (CISA).

Dhawal Thakker, CISSP, CISA, Senior Manager, Cyber Risk Advisory, P: (650) 450-1431, E: dhawal.thakker@us.gt.com

Dhawal has over 18 years of experience leading and coordinating IT advisory engagements across several industries, with a focus on the financial services, technology services and healthcare sectors. His experience includes regulatory compliance, privacy (GDPR) GRC program and technology deployments, compliance to regulations like SOX, HIPPA, compliance to credit card industry standards (PCI) designing security policy, Network Security assessments, BCP-DR, Experience, and expertise include:

Dhawal has experience implementing privacy frameworks, assessing EU General Data Protection Regulation (GDPR) compliance, developing privacy policies, benchmarking developer agreements and ensuring compliance with global regulations.

Dhawal has hands-on experience in design implementation and managing GRC solution to automate Cyber and Privacy compliance programs using tools like RSA Archer, ServiceNow, OneTrust etc. Dhawal is a Certified Information Systems Security Professional (CISSP), and a Certified Information Systems Auditor (CISA).

Directions to our meeting:

From Hwy 680 going South (680 S):

Form San Ramon

• Get on I-680 S
• Follow I-680 S to Stoneridge Dr in Pleasanton. Take exit 29 from I-680 S
• Make a right turn on Stoneridge Dr
• Use the Right two lanes to turn right onto Stoneridge Mall Rd
• Make a right turn on Workday Way
• Take Workday Way to the end of the road and make a left in the parking lanes
• Take the road until you come to the first crossroad
• Make a right turn and take the road to the end of the street
• We are the building on the right and you can park anywhere in the parking spaces in front of the building.
• Blackhawk Network, 6220 Stoneridge Mall Rd, Pleasanton, CA 94588

From Hwy 680 going North (680 N):

Form San Jose

Get on I-680 N

• Follow I-680 N to Stoneridge Dr in Pleasanton. Take exit 29 from I-680
• Use the left two lanes to turn left on Stoneridge Dr
• Use the Right two lanes to turn right after crossing the overpass onto Stoneridge Mall Rd
• Make a right turn on Workday Way
• Take Workday Way to the end of the road and make a left in the parking lanes
• Take the road until you come to the first crossroad
• Make a right turn and take the road to the end of the street
• We are the building on the right and you can park anywhere in the parking spaces in front of the building.
• Blackhawk Network, 6220 Stoneridge Mall Rd, Pleasanton, CA 94588

Kindly confirm your attendance for the meeting by May 8th, 2018, along with your preference of pizza (Veg/Non-Veg) so that we can place orders accordingly. We need to provide the attendee list to our host for badges. To RSVP or for any questions regarding this meeting please contact Vice President Tom Rogers

Please arrive between 6:45 and 7:00 PM at Bishop Ranch One BR1, 6101 Bollinger Canyon Road, San Ramon, CA

Topic One: Big Data: The forgotten security landmine

As billions of people, devices, and systems get connected to the internet, companies of all sizes will seek to gather insights as to the best ways to further model their businesses to ensure efficiency, improve business processes and additionally offer solutions to complex problems previously impossible to address. This new data economy has led to a rapid rise in the adoption of big data and big data solutions to serve the needs of small to large-scale enterprises.

In the push to take advantage of such valuable data insights, all manner of personal, private and highly sensitive data continues to get fed into Big Data systems with very little focus on their continues protection before and after it lands into Bid Data systems.

This presentation will unearth the hidden landmines and provide recommended solutions as companies deal with such mountain piles of data through their big data systems.

Lenin Aboagye has built several firsts in the industry from first Education-As-A Service(EAAS) platform to building security platform for first fully Open cloud product. As an emerging technologies enthusiast , Lenin has helped advise and guide initiatives from Cloud, Mobile , Big Data and AI for multiple companies as well as speaking severally on such topics and its relevance in the current security landscape. Lenin was an earlier contributor to some of first whitepapers released by CSA(Cloud Security Alliance) and is an active participant in several other Information Security related interests. As a security thought leader, Lenin has spoken at several security conferences, contributed to security books, and also quoted in security and tech media. Lenin was formerly the security Head at IO and is currently President at Limit+ where he provides cybersecurity consulting and security product advisory services to several clients. Lenin is the security advisor for Kogni, world’s first AI-powered Big Data Security product by Clairvoyant. Lenin holds a BA and graduated top of the class with a double major in Computer Science and Math

Topic Two: Cloud Compliance Automation: Automating Hardening AWS  Infrastructure via CI/CD Pipelines

Demo Abstract: This demo presents automating security benchmark controls on cloud infrastructure via Continuous Integration and Continuous Delivery, using open source tools. In this demo, I aim to show how to harden OS images and produce reports on the benchmark controls enforced to cloud security auditors. To achieve this, a DevSecOps engineer is allowed to choose a security benchmark to enforce out of a selected list and then the CI pipeline is triggered to automate the security controls under the benchmark selected on a Linux OS system. The pipeline runs multiple stages to ensure and deliver a fully hardened Linux OS system. Finally, I will also provide a report produced at the end stage of the pipeline. This report lists the controls enforced and remediation tools.

Daniel Callao has a BS in Computer Science and Mathematics from San Jose State University and is an AWS cloud computing professional responsible for the design, implementation, automation, and documentation of scalable multi-tenant infrastructures. His specialties include cloud computing, virtualization for multi-tenant environments, infrastructure as code, solutions architecture and project management, implementing new technologies with process refinement and continuous integration and delivery. Daniel has worked for multiple Fortune 100 tech companies, such as VMware, Autodesk, GE Digital, and Cadence Design Systems. While he is passionate about automation in the cloud, he is also an advocate for open source technology. Daniel enjoys doing live collaborative training on open source automation and container tools.

Topic Three: Chapter Business – Calling All Interested in Training and Sponsoring the July 13th Training Day

We invite our community to add their voices to our planning for the upcoming training day.  Hear from our Directors Cybersecurity and Education and collaborate on the plan.

We also want to discuss charging for meetings and ordering dinner – something we may need to implement effective May.  Unless sponsored by our speakers or host, we will need to begin charging a meal cost to attendees at our monthly meetings.

Conference feedback and discussion regarding the upcoming training day topics.  Bring your suggestions and your spirit of volunteerism.

And the Winner is…

MakeAthon winner 2018 are Savvy Gupta, Balamurugan, Alan Wang, Brian Zhao , and Salaj Ganesh  – CONGRATULATIONS

Location: Bishop Ranch One BR1, 6101 Bollinger Canyon Road, San Ramon, CA

Directions to Meeting at Chevron

Kindly confirm your attendance for the meeting by April 11th, 2018, along with your preference of pizza (Veg/Non-Veg) so that we can place orders accordingly. We need to provide the attendee list to our host for badges. To RSVP or for any questions regarding this meeting please contact Vice President Tom Rogers

Please make sure to bring a government issued photo id (Driver license or CA ID card etc.) to gain access to the conference room.