2017 Fall Conference

Security in Online Retail, SaaS Architecture from Dystopia to Utopia – November 16, 2017 <download the flyer ISC2Fall2017>

 Venue: Castlewood Country Club, 707 Country Club Circle, Pleasanton Directions

November 16th 2017 – 8:30 AM – 5:30 PM

This one-day security track includes 11 speakers and six guided product demonstration events offering 8 CPE for full attendance. (ISC)2 Chapter events facilitate lively discussion and opportunities to extend the presenter wisdom to our real needs in keeping Bay Area companies both competitive and safe. Please learn more at https://isc2-eastbay-chapter.org, LinkedIn, Facebook
This 1-day event counts towards 8 hours of Continuing Professional Education or 8 CPEs.)

Theme – Security in Online Retail – Regulations in the face of Technology Disruption

  • Breaking & Entering: IoT and Security PCI DSS 3.2 and the Designated Entities Supplemental Validation Criteria and New Responsibility to Report on Failures Why We need Solutions for the Hybrid Cloud and How to Map Threat Mitigation to Cloud-Based Infrastructure
  • PCI DSS 3.2 and the Designated Entities Supplemental Validation Criteria and New Responsibility to Report on Failures Why We need Solutions for the Hybrid Cloud and How to Map Threat Mitigation to Cloud-Based Infrastructure
  • Why We need Solutions for the Hybrid Cloud and How to Map Threat Mitigation to Cloud-Based Infrastructure

Privacy

  • Consumer Driven Privacy, Give Me Back My Data
  • Cloud Security and Privacy – What’s at stake in Global Online Retail
  • How might technology influence or change what we choose to remain private

IAM, Vulnerability, Incident, Change, Cloud Security, DevOps, and CloudOps

  • Hands-On Perspectives: Deploying FIDO-Based Modern Authentication Solutions
  • How To Develop a Security Strategy: Problems and Solutions in a World Not Yet Defined – Security in an Interconnected World
  • Secure DevOps; Not an Oxymoron
  • Continuous Monitoring using Security Architecture
  • PCI, HITRUST, FedRamp/NIST, SOC 2, or ISO 27002 ISMS implemented controls – Incident, Vulnerability, and Change

<download the flyer ISC2Fall2017>

Pricing:

(ISC)2 is happy to accept member ID from its partner professional organizations:

ISACA, ISSA, ISC2

  • Early Bird Member* $105
  • Early Bird Non-Member* $120
  • Student $45

Registration after November 1st

  • Member or Affiliate Member $130
  • Non-Member $145
  • Sorry no more student passes

If you are experiencing hardship and wish to attend, please have proof of (ISC)2 membership or ISACA membership and reach out to Director Education & Career Development Jing Zhang-Lee, or
Conference Director Robin Basham

8:00 AM – 8:40 AM Registration to 5:45 PM Closing Remarks and Raffle 5:30 – 6:30 PM Speaker Reception

Dress for success. Our theme is a little luxury.  Seriously, suite up. You’re probably going to meet your next boss! In fact, we’re bringing in a team of the most highly regarded recruiters.  This chapter takes networking to the next level.  We advance.

Speaker Bar
1.1:  9:00 AM- 9:45 AM Meet Helen Cho

Helen ChoOnline Retail: Beyond Disruption, Managing Risk in the Digital World

Helen Cho, Program Manager, Global Third Party Risk, VISA

ISC2 East Bay Nov16 Visa

Responsible for minimizing risk of loss and adverse reputational damage associated with cardholder data compromises by ensuring compliance with PCI DSS and driving Visa’s data security strategy across the payment ecosystem, Helen Cho is a dynamic, result-oriented professional with 12+ years of regulatory and policy-making experience and a recognized ability to lead successful, complex compliance and risk management projects. Champion for driving business goals in a fast-paced VISA environment, we invite Helen to share strategy in PCI DSS risk management. We can’t ask for a more informed choice in leading our conference than the wisdom that is found at VISA. How we spend
1-1 Session Description: This presentation will discuss the way consumers discover, shop and buy products and services and how these experiences are dramatically redefined as online commerce continues to expand. In the increasingly digital economy and culture of convenience, where does security fit in? This session will cover managing risk in today ís payment landscape.

VISAAbout VISA Visa Inc. is a global payments technology company that connects consumers, businesses, financial institutions, and governments in more than 200 countries and territories to fast, secure and reliable electronic payments. We operate one of the world ís most advanced processing networks “VisaNet” that is capable of handling more than 65,000 transaction messages a second, with fraud protection for consumers and assured payment for merchants. Visa is not a bank and does not issue cards, extend credit or set rates and fees for consumers. Visa ís innovations, however, enable its financial institution customers to offer consumers more choices: pay now with debit, pay ahead with prepaid or pay later with credit products. For more information, visit usa.visa.com/about-visa, visacorporate.tumblr.com, and Visaeurope.com

1.2: 9:45 AM – 10:30 AM Meet Abbie Barbir

Abbie BarbirHands-On Perspectives: Deploying FIDO-Based Modern Authentication – The door to secure commerce

Abbie Barbir, Senior Security Advisor, AETNA, Executive Council, FIDO Alliance

NGA-isc2-talk-v2

Senior Security Advisor, AIS Security Innovation, Aetna: Abbie Barbir serves as a Senior Security Advisor in the areas of identity management, mobile devices, and authentication at Aetna Global Information Security. Barbir has extensive experience in identity and access management. He has worked with many standard organizations on developing next-generation authentication technologies. Currently, he represents Aetna on the FIDO Board of Directors. Barbir holds a Ph.D. in computer engineering from Louisiana State University. In his more than 25 years in the software and security industry, he has been a Professor of Computer Science, an Application Developer, Data Compression and Encryption Inventor, Systems Architect, Security Architect, Engineering Manager, Consultant, Author and Inventor of numerous security algorithms and articles.
How we secure identity and access
1-2 Session Description: Emerging modern authentication solutions such as FIDO eliminate the reliance on passwords with stronger authentication based on devices used by people on daily basis. The talk will go over Next Generation Authentication efforts at Aetna and discuss lessons learned from current deployment and how to better benefit from FIDO-compliant solutions.

AETNAAbout Aetna and Fido Alliance: About Aetna: Here at Aetna, we are building a healthier world by making healthcare easy, affordable and all about you. Follow our LinkedIn page for company news, industry commentary, jobs and more. Founded in 1853 in Hartford, CT, Aetna is one of the nation’s leading diversified health care benefits companies, serving an estimated 46.7 million people with information and resources to help them make better decisions about their healthcare.About Fido Alliance: The FIDO (Fast IDentity Online) Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plugins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security.

AFIDO Alliance logobout Fido Alliance: The FIDO (Fast IDentity Online) Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plugins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security.

1.3:  10:30 AM – 11:15 AM  Meet Laura Anthony

Laura AnthonyHow to Effectively Manage Global Compliance

Laura Anthony, Vice President, Technology Compliance at Salesforce

 

Laura Anthony leads a career focused on Technology Compliance. Starting in U.S. government compliance at KPMG, her role at Salesforce has expanded to oversee a cross-functional Technology Compliance team, responsible for ensuring that Salesforce meets its external technical compliance obligations globally across products. The team’s responsibilities span multiple certifications, industries, and geographies and developing a scalable compliance approach is required. Lauraís specific focus on compliance for cloud computing and enabling enterprise adoption of cloud computing will be the focus of her greatly anticipated talk regarding the management of multiple compliance requirements in a global, cloud-based, enterprise SaaS company. How we manage multiple audits
1-3 Session Description: How to Effectively Manage Compliance for Multiple Global Assessments in a Fortune 500 Enterprise –  In today’s global economy, compliance certifications and regulations are growing by the day and compliance certifications are imperative for demonstrating trust to customers. So how do you meet your global customers’ compliance needs? You need a recipe for managing audits and assessments effectively and at scale.

Salesforce logoMore About: About Salesforce: Salesforce is the Customer Success Platform. Our social and mobile cloud technologiesóincluding our flagship sales and CRM applicationsóhelp companies connect with customers, partners, and employees in entirely new ways.
For those who venture in search of content that thrills, inspires, and informs: interactive.salesforce.com/discover-content-collection http://www.salesforce.com

1-5: 11:15 AM to 12:00 PM Meet Jervis Hui

Jervis Hui

Clarity in the Cloud Age

Jerivs Hui, Chief Evangelist, Netskope

 Netskope preso

Jervis manages the go-to-market efforts, product launches, and sales enablement at Netskope, the leading cloud access security broker (CASB). He collaborates with the product management, engineering, and security teams to develop the product strategy, messaging and thought leadership across Netskope’s cloud security product portfolio. Previously, he worked at Citrix, supporting its enterprise mobility and security products.

How we break it down so we can explain it to others

1- 4 Session Description: A balanced and real-world view of the risks and rewards of a cloud-first data strategy. Understand regulatory compliance requirements (GLBA, HIPAA, PCI, GDPR) that apply when enterprises adopt cloud-based services like Office 365, Box or Slack, as well as unsanctioned ìshadow ITî risks. Learn how leading companies in Retail, Healthcare and Financial Services have realized competitive advantages with their cloud-first IT strategies while securing sensitive data from unauthorized access and protecting their users against new cloud-borne threats.

netskope

About Netskope: Netskope is the leader in cloud security. Using patented technology, Netskopeís cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real time, whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope ó security evolved.

1-5:  1:00 to 1:30 Meet Bill Harmer

Bill Harmer

Change is Simply an Act of Survival: Predicting the the future while shackled to the past

Bill Harmer, Chief Cloud Strategist,
Zscaler

Bil has been in the IT industry for 30 years. He has been at the forefront of the Internet since 1995 and his work in security began in 1998. He has led security for startups, Government and well established Financial Institutions. In 2007 he pioneered the use of the SAS70 coupled with ISO to create a trusted security audit methodology used by the SaaS industry until the introduction of the SOC2. He has presented on Security and Privacy in Canada, Europe, and the US at conferences such as RSA, ISSA, GrrCon and the Cloud Security Alliance. He has been interviewed by and has written for various publications such as Dark Reading, Data Informed, SecureWorld and Security Intelligence. His vision and technical abilities have been used on advisory boards for Adallom, Trust Science, ShieldX, Resolve and Integris. He has served as Chief Security Office for GoodData, VP Security & Global Privacy Officer for the Cloud Division of SAP and now serves as a Strategist for Zscaler where he runs the Office of the CISO for the Americas.https://www.linkedin.com/company/234625/
How we find inspiration in the face of challenge
1-5 Session Description: This presentation will briefly review the history and development of the corporate network, its interaction with the Internet and how the adoption of SaaS and PaaS based solutions have rendered the network irrelevant from a security perspective. We will explore recent developments in malware, trends in targets and attack methodologies using case studies. Finally, we will then consider one possible future and explore how laying the groundwork now will provide a more secure base to work from while improving usability for the Netizens while reigning in costs.

Zscaler Logo Blue CMYKAbout Zscaler: Zscaler enables the worldís leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access, and Zscaler Private Access create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the worldís largest cloud security platform, protecting thousands of enterprises and government agencies from cyber attacks and data loss.Zscaler

1- 6:  1:30 to 2:00 Meet Sean Cordero

SeanCordero

How to use PCI to neutralize our greatest online retail cybersecurity threats

Senior Executive Director, OptivSean Cordero

Sean’s entire career has been one of acting as a continuous change agent, leveraging cutting-edge IT security solutions that protect critical data and support unprecedented growth. He’s successfully transformed the information security systems of Fortune 100 companies and innovative cybersecurity organizations while minimizing operational expenses, improving enterprise processes, strengthening relationships, and building world-class teams.
Improving Information Security PRACTICES:
He drives successful, business-aligned information security programs through transformative ideas and innovations.
For renowned thought leadership and exceptional client engagement, he’s won MVP Award for Executive Advisory consecutively- 2016 and 2017.
Getting PCI right
1-6 Session Description: How can we use PCI to neutralize the greatest cybersecurity threats? This topic includes:

  • PCI Compliance Challenges
  • Running an Effective Vulnerability Management Program
  • Designated Entities Supplemental Validation Criteria and
  • New Responsibility to Report on Failures

OptivAbout Optiv: Created in 2015 from the merger of Accuvant and FishNet Security, Optiv is the largest holistic pure-play cyber security solutions provider in North America. We help clients plan, build and run successful cybersecurity programs that achieve business objectives through our depth and breadth of cybersecurity offerings, extensive capabilities and proven expertise in cybersecurity strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. Follow us at www.twitter.com/optiv and www.facebook.com/optivinc.

1- 7:  2:00 to 2:30 Meet Jim Saliba

James SalbiaAgile and Audits Do Co-exist

Jim Saliba, President at Saliba Consulting Group, Agile Coach at CISCO

Business Transformation Architect, Enterprise Agile Coach, and Strategist, Jim is a Senior Executive with a rare balance of management consulting, information technology, and operations across rapid expansion, turnarounds and M&As. Jim offers Business Transformation leadership; architecting business process transformations strategy through execution with a holistic view of Business Agility giving organizations the competitive edge in a world of rapid internal and/or external environments without losing momentum or vision. My strengths include leveraging a full spectrum of Lean product and Agile methodologies at all levels of the organization to achieve business outcomes.
Believe in Secure Engineering
Agile Puzzle1-7 Session Description: “We are running on Agile, so there is nothing to audit” is a refrain auditors hear all too often.

Many organizations today feel the pressure to move fast, release often and stay open to change while having the requirement to comply with mandatory regulations. As development teams adopt agile practices auditors hear too often “We are running on Agile, so there is nothing to audit”, while regulatory agencies seem to prefer documentation over working software, templates over discussions and governance over adaptiveness.
Yes, these two worlds can co-exist! Jim will show you how to make agile audits work. With more than 25 years developing enterprise products and coaching Agile businesses Jim will show you the Agile processes and artifacts that pass audits.

More About Jim: People choose to work with Jim because he’s effective in helping their organizations build high-performance, innovative cultures and teams particularly in medium to large companies in technology, financial services, and transportation industries. Currently providing service to CISCO, Jim is well known for his years with PwC as their Chief Agility Architect and Director, Global Innovations Software Labs. The Global Innovation Software Labs (GISL) organization will accelerate this transformation, by bringing together Agility in incubation, development and launch functions that can jump-start new ideas and rapidly bring them to market. It enables PwC to quickly develop new, game-changing business models and complete commercial software offerings that provide unique value to our clients and differentiate PwC in the market Jim.Saliba@gmail.com

1- 8:  2:30 to 3:00 Meet Aarij Khan and his guest

Aarij KhanNextGen Security Management

Aarij Khan, V.P. of Marketing, Securonix, and mystery guest

 

 Aarij Khan joins Securonix as VP of Marketing, bringing a deep understanding of the security market and buyer combined with over 15 years of marketing leadership at high growth, innovative security vendors.Previously, Aarij led marketing efforts at RiskIQ where he was responsible for product marketing, analyst and public relations strategy, channel marketing, field marketing, and growth. Before that, he led product and solution marketing at Tenable Network Security and ThreatMetrix. Earlier, Aarij spent over 4 years at ArcSight/HP where he was instrumental in the rapid adoption of ArcSight SIEM products, and ArcSightís recognition as a leader in the Gartner Magic Quadrant for SIEM for 4 years in a row.Aarij holds a Bachelor of Science in computer engineering from Cornell University, a Master of Science in Economics from the Catholic University of Leuven (Belgium), and a Master of Business Administration from Cornellís Johnson Graduate School of Management. http://www.securonix.com What makes customers successful in SIEM
1-8 Session Description: Next Gen Security Management presents a customer case study describing their challenges with their security management program, and how they addressed several limitations of point security tools through the use of an integrated security risk management program.  Securonix

About Securonix: Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior, Securonix is able to automatically and accurately detect the most advanced cyber threats, insider threats, and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around insider threat detection and monitoring, high privileged activity monitoring, data exfiltration, enterprise and web fraud detection, application risk monitoring, cloud security monitoring, cyber threat monitoring and access risk management. Securonix uses a Hadoop platform to provide unlimited scalability and open data model. http://www.securonix.com  

3:00 to 3:30 Desserts and Exhibits

1- 9:  3:30-4:00 Meet Nick Yoo

Nick Yoo

Lessons from Software Quality to tackle Security

Nick Yoo, Chief Security Officer at BMC Software

Quality and Security Waltz

Nick H. Yoo, Chief Security Officer at BMC Software, worked as Chief Security Architect for a global healthcare IT company responsible for the enterprise security architecture and key cybersecurity initiatives such as identity and access management, cloud security and application security. Previously, Yoo was VP of IT Engineering at Samsung SDS, responsible for software engineering standards, methodology and frameworks to enhance developer productivity and software security. Yoo also worked at global consulting companies such as Ernst & Young, CSC, and EDS, and has over 25 years of IT experience. Yoo is an active member of professional organizational groups such as Bay Area APT Response, ISSA, ISACA, and OWASP. He holds numerous professional certifications including CISM and CISSP and has a BBA and master in cybersecurity.
1-9 Session Description: This session reviews the parallels between SW quality and security practices to address identified security issues.

BMC About BMC: BMC is a global leader in software solutions that help IT transform traditional businesses into digital enterprises for the ultimate competitive advantage. Our Digital Enterprise Management set of IT solutions is designed to make digital business fast, seamless, and optimized. From mainframe to mobile to the cloud and beyond, we pair high-speed digital innovation with robust IT industrialization allowing our customers to provide intuitive user experiences with optimized performance, cost, compliance, and productivity. BMC solutions serve more than 10,000 customers worldwide including 82 percent of the Fortune 500.

1- 10: 4:00 PM to 4:30 Meet Vishal Gupta

VishalGuptaConsumer Driven Privacy, or

“Give Me Back My Data”

Vishal Gupta, CEO, Seclore

As the Founder and CEO of Seclore, Vishal comes with two decades of experience in sales, marketing, and business management. His core responsibilities are corporate development, investor relations, and strategic vision.

Vishal is an IIT Bombay (Electrical Engineering) graduate and a specialist in biometric security systems. His ideation in fingerprint imaging led to the development of the core technology behind Herald Logic, a company he founded in 2000. The company showed record 220% CAGR, spreading to Singapore, Australia, and the UK.
An active participant in physics activities with the IAPT (Indian Association of Physics Teachers) and NSEP (National Standard Examination in Physics), Vishal is amongst the top 1% in the country in physics. When he is not dreaming about keeping data secure, Vishal is an active sports person, a keen blogger on information security, and an intrepid speaker at various information security forum.
The future depends on Data-Centric Security
Seclore1-10 Session Description: In an era of “hack back” controversy, there are legitimate, safe and effective ways to protect our data.Vishal Gupta, CEO of Seclore, explores the journey to create a product that lets us get our data and how data-centric security is the wave and mandate of the future.

About Seclore: Secloreís Enterprise Digital Rights Management solution enables organizations to control the usage of files wherever they go, both within and outside of organizationsí boundaries. The ability to remotely enforce and audit who can do what with a file (view, edit, copy, screen capture, print, run macros), from which device and when empowers organizations to embrace BYOD, Cloud services, Enterprise File Sync and Share (EFSS) and external collaboration with confidence. Featuring dozens of pre-built connectors for leading enterprise applications (EFSS, DLP, ECM, ERP, and email), Seclore automates the protection of documents as they are downloaded, discovered, and shared to ensure rapid adoption. Seclore was recently recognized by Frost & Sullivan with a Growth Excellence award, by Deloitte as one of the ë50 Fastest Growing Technology Companies,í and by Gartner as a ëCool Vendor,í due to innovations in browser-based access to protected documents. With over 4 million users across 420 companies in 22 countries, Seclore is helping organizations achieve their data security, governance, and compliance objectives. http://www.seclore.com/

1- 11 4:45 PM to 5:30 Meet  Pritesh Parekh

Pritesh Parekh

IOT, Breaking, and Entering

Pritesh Parekh, MS, MBA, CISSP, CISA, CISM, CRISC, VP, CSO at Zuora

Pritesh Parekh has decades of experience in building and managing enterprise security programs, and with the last 12 years leading security for Cloud platforms. Prior to joining Zuora, Pritesh was leading the worldwide Security and Compliance for ServiceNow. He has extensive experience in Cloud Security, IoT Security, Application Security, Compliance, Data Protection, Fraud Protection, Security Architecture and Risk Management for Financial Institutions, SaaS & Cloud Providers. He has been a speaker at several conferences, quoted in several articles, magazine and a Subject Matter Expert for BITS Shared Assessment & Cloud Development group. Pritesh’s team won the Best Security Team award at SC awards 2016. He is one of the finalists for Information Security Awards (ISE) 2016 awards from T.E.N, a finalist for CSO of the year award and elected Judge for SC Awards 2016.
ï Extensive experience building global security program from ground up, managing security assessments and regulatory requirements including ISO 27001, FISMA (NIST 800-53), PCI Level 1, SSAE 16, IQ/OQ, NERC CIP, SOX, GLBA, HIPAA, BITS Shared Assessment, EU Safe Harbor, SB 1386, BSIMM, Federal FFIEC Examinations and fortune 100 client audits.
IOT and other routine disruptions
1-11 Session Description:

logo zuora About Zuora: Zuora is a SaaS company and the worldís foremost evangelist of the Subscription Economy. Zuoraís leading subscription relationship management platform helps enable businesses in any industry to launch or shift products to subscription, implement new pay-as-you-go pricing and packaging models, gain new insights into subscriber behavior, open new revenue streams, and disrupt market segments to gain competitive advantage. Zuora serves over 800 customers worldwide including Dell, Vivint, Schneider Electric, Box, The Financial Times and General Motors. Headquartered in Silicon Valley, Zuora also operates offices in Atlanta, Boston, Denver, San Francisco, London, Paris, Beijing, Sydney, and Tokyo.

Charge the Holidays
PlatinumSponsor
SecloreSeclore, Platinum Sponsor, live demonstration data-centric security SECLORE Data Centric Risks will be the topic of an upcoming training. As a 2017 Platinum sponsor, we will enjoy this opportunity to look at securing the data at its source and look forward to our upcoming night of dedicated fine and granular data-centric access control.

Secloreís Enterprise Digital Rights Management solution enables organizations to control the usage of files wherever they go, both within and outside of organizationsí boundaries. The ability to remotely enforce and audit who can do what with a file (view, edit, copy, screen capture, print, run macros), from which device and when empowers organizations to embrace BYOD, Cloud services, Enterprise File Sync and Share (EFSS) and external collaboration with confidence. Featuring dozens of pre-built connectors for leading enterprise applications (EFSS, DLP, ECM, ERP, and email), SECLORE automates the protection of documents as they are downloaded, discovered, and shared to ensure rapid adoption. Seclore was recently recognized by Frost & Sullivan with a Growth Excellence Award, by Deloitte as one of the ë50 Fastest Growing Technology Companies,í and by Gartner as a ëCool Vendor,í due to innovations in browser-based access to protected documents. With over 4 million users across 420 companies in 22 countries, Seclore is helping organizations achieve their data security, governance, and compliance objectives. http://www.seclore.com/

Stay tuned for upcoming hosted events involving SECLORE and (ISC)2 Community

SecuronixSecuronix, Platinum Sponsor, live demonstration visualizing the threat, actionable intelligence Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior, Securonix is able to automatically and accurately detect the most advanced cyber threats, insider threats, and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around insider threat detection and monitoring, high privileged activity monitoring, data exfiltration, enterprise and web fraud detection, application risk monitoring, cloud security monitoring, cyber threat monitoring and access risk management. Securonix uses a Hadoop platform to provide unlimited scalability and open data model. http://www.securonix.com
netwrix logoNetwrix, Platinum sponsor, live demonstration assigning the policy that proves our governance is in place Netwrix Corporation was first to introduce visibility and governance platform for on-premises, hybrid and cloud IT environments.
More than 150,000 IT departments worldwide rely on Netwrix to detect insider threats on-premises and in the cloud, pass compliance audits with less expense and increase the productivity of IT security and operations teams. Founded in 2006, Netwrix has earned more than 90 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S.
netskopeNetskope, Platinum Sponsor, live demonstration, mapping the path of business, the evolution of cloud security Netskope is the leader in cloud security. Using patented technology, Netskopeís cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real time, whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope ó security evolved.
Zscaler

Zscaler, Gold Sponsor, live demonstration enables secure mobile enterprise in real time, architecting the secure enterprise network

 

Zscaler enables the worldís leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access, and Zscaler Private Access create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the worldís largest cloud security platform, protecting thousands of enterprises and government agencies from cyber attacks and data loss.

Allgress

Allgress, Honorary Sponsor and year-round host to (ISC)2 East Bay Chapter Meetings

Gordon Shevlin also supplies our guests with drink tickets

Thank you Allgress!

 

While you’re here explore the world’s best GRC leveraging the Amazon Marketplace and native cloud application ready Health Care savvy governance program management.

Allgress enables enterprise risk, security, and compliance professionals the ability to effectively manage their risk posture. By utilizing advanced visualization, automation, streamlined workflows, and the integration of existing data feeds, Allgress reduces the complexity and cost of risk management. Unlike other risk management solutions, Allgress customers derive value in days rather than months. For more information, visit www.allgress.com Contact us at info@allgress.com or 925.579.0002

Stay tuned for upcoming hosted events involving Allgress and (ISC)2 Community

How do integrate our security program and our GRC?
CyberArkMdHonorary Exhibitor

CyberArk contributed a speaker and sponsored our last event. We invite CyberArk for one more round and thank them for early adoption and support to (ISC)2 East Bay

CyberArk is the only security company laser-focused on striking down targeted cyber threats, those that make their way inside to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk is trusted by the worldís leading companies ó including more than 45% of the Fortune 100 companies ó to protect their highest value information assets, infrastructure, and applications. For over a decade CyberArk has led the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets. Today, only CyberArk is delivering a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done. At a time when auditors and regulators are recognizing that privileged accounts are the fast track for cyber attacks and demanding stronger protection, CyberArkís security solutions master high-stakes compliance and audit requirements while arming businesses to protect what matters most. With offices and authorized partners worldwide, CyberArk is a vital security partner to more than 3,200 global businesses, including more than 45% of the Fortune, 100 more than 25% of the Global 2000, CyberArk has offices in the U.S., Israel, Australia, France, Germany, Italy, Japan, Netherlands, Singapore, Spain, Turkey and the U.K.
OptivHonorary Exhibitor

Optiv has hosted (ISC)2 East Bay Chapter for Pleasanton based events for the last two years.

Thank You Optiv!

Strategy with dimension. Optiv is the strategic consulting arm of The Healthy Thinking Group, Australiaís largest and most experienced healthcare communication groups. We are healthcare strategy specialists with specific skills tailored to life sciences. Weíve solved strategic problems and improved business outcomes for clients in the pharmaceutical, biotech, agriculture, and animal health industries. As part of the Healthy Thinking Group, weíve worked on many projects across the Asia Pacific region and beyond. Weíre curious about anything that improves the health of humans, animals, plants or our environment. We understand that challenges in healthcare can be complex and multifaceted. Thatís why we have a considered approach to strategy that helps us explore all angles to uncover new possibilities. Our depth of expertise spans a variety of commercial functions. We not only collaborate directly without clients on their business needs, we also partner with our Healthy Thinking Group colleagues to create strategic platforms for advertising, digital and medical education campaigns. Our team is united by a passion to deliver tailored, insights-driven recommendations across our three pillars – Business, Brands, and People.

SecureRetailSunset

Speaker Reception to Follow

RobinGordonCyberHealth
How to become a member: Please directly contact our Chapter President Lokesh Sisodiya and fill out the membership form https://isc2-eastbay-chapter.org/membership/
ThankYouEveryone
Cisco Logo EnterpriseGRC Thank you Chevron, for providing us space and food for the last two years.
Optiv Allgress
(This 1-day event counts towards 8 hours of Continuing Professional Education or 8 CPEs.)

Your friends and colleagues at (ISC)2 East Bay Chapter chapter can’t wait to see you. We hope you join us in giving special thanks to the conference committee volunteers, without whom, such events would not be possible. Providing weekly meetings, binding flyers, drafting letters, being a liaison to our gracious speakers, updating and proofing our brochures, and assisting in the overall quality management of the Summer Conference, we acknowledge Scott Sullivan, Atul Kumar, Debbie Vargus and Dave Repine and others as well as all members of the Board of Directors for their added responsibilities in coordinating our conference business, and for all the wisdom provided by the full membership of our board. Your support is greatly appreciated.

Yours Sincerely,

Robin Basham, Conference Director

The (ISC)2 East Bay Chapter Board of Directors

We push you in