Dec 9TH, 2021 MEMBER MEETING: CCM 4 to NIST SP800-53R5 Working Group Results

Thursday, 7 PM to 9 PM Webinar – Registration Link

Cloud Security Alliance Working Group CCM 4.1 to NIST SP 800-53 r5 Mapping Insights and Outcomes
Follow up to “Aligning the Cloud Controls Matrix CCM 4.1 to NIST SP 800-53 r5 – The Control Reference Layer”

Presentation prepared for Cloud Security Alliance, CSA CCM 4.1 to NIST SP 800-53 rev 5 Working Group, By Robin Basham, CEO EnterpriseGRC Solution, CISSP, CISA, CGEIT, CRISC, CRP, VRP, and President, ISC2 East Bay Chapter, With collaboration from 20 CCM WG team members

Robin Basham, Current ISC-2 East Bay Chapter President, Conferences Director, covering for Director Programs… Leader for Cloud Security Alliance CCM NIST WG

About the speaker: Robin Basham recently led the Cloud Security Alliance CCM 4 to NIST 800-53 R5 Working Group. This effort began as a proposed commitment in April, involving the collaboration of some of our biggest and most well-respected East Bay Enterprises. Leveraging the talent of 20 volunteers and mappings as designed in three major companies, the CCM WG produced a refined mapping that will release in JSON format and hopefully bring much-needed clarity to the Cloud Security and Compliance Community.

Owner, EnterpriseGRC Solutions, President, ISC2 East Bay, Certified Information Systems Security (CISSP), Audit (CISA), Governance (CGEIT) and Risk (CRISC), ICT GRC expert and early adopter in both certifying and offering certification programs for Cloud Security and Virtualization, with industry experience in the management of systems, controls and data for SaaS (IaaS and PaaS), Finance, Healthcare, Banking, Education, Defense, and High Tech. Positions held include Technology Officer at State Street Bank, Leading Process Engineering for a major New England CLEC, Sr. Director Enterprise Technology for multiple advisory firms, founding, engineering product and running two governance software companies, and most recently Director Enterprise Compliance for a major player in the mortgage industry, Ellie Mae. Recently full time at Cisco, Unified Compliance and ISMS Program Manager, Robin currently leads LSHC in support of three MDM clients as well as donating substantial time to supporting social platform security to further social democracy. Robin recently contributed a mapping refresh for NIST 171/172 to Dr. Ron Ross's FISMA team and is currently contributing to the CCM Mapping for version 4.0. She is also a past board member of the ISACA SV Chapter.

Side note: A Friend of the Chapter, Bill Klaben, sends an invitation to join Omdia and CybeReady experts (Dec 14th, 8 am PST / 11 am EST): Measuring Effectiveness in Security Awareness Training. This webinar is one of the products in the Informa Tech Cybersecurity portfolio, which includes market-leading brands Black Hat, Dark Reading, and OMDIA.

Key topics for discussion include:
- How training effectiveness can be measured
- Click Rate in phishing simulations: is lower always better?
- How to translate the measurements into the language of the boardroom

Register via this link – https://event.on24.com/wcc/r/3503879/82F96812AC621BE31030EA09ABFB8161?partnerref=CybeReadySales

CPE Summary 2021

JANUARY 14TH ANNUAL ELECTION AND MEMBER MEETING – INTERACTIVE APPLICATION SECURITY TESTING (IAST) – 2 CPE

FEBRUARY 11TH, 2021 MEMBER MEETING HOW TO ACHIEVE LEAST PRIVILEGE AT CLOUD SCALE – 2 CPE

MARCH 11TH, 2021 MEMBER MEETING SAP DATA CUSTODIAN FOR CLOUD DATA SECURITY – 2 CPE

APRIL 8TH, 2021, MEMBER MEETING ZERO TRUST DATA PROTECTION – 2 CPE

MAY 13TH, 2021, MEMBER MEETING CCM 4.0 MAPPING PART TWO A TECHNICAL DIVE INTO UNIFIED COMPLIANCE STRATEGY – 2 CPE

JUNE 8 PARTNER CHAPTER MEMBER ISC2 SV EVENT NIST SP-800-53 R5 – THE CONTROL REFERENCE LAYER: TAMING THE BEAST – 2 CPE

JUNE 9 2021 MEMBER OPPORTUNITY VIRTUAL CYBER SECURITY SUMMIT FEATURING NSA & THE FBI (reported by members up to 8 CPE)

JUNE 10TH, 2021 MEMBER MEETING IOT ENDPOINT SECURITY: FAILURE OF SECURITY TO PROTECT – 2 CPE

JULY 8TH, 2021 MEMBER MEETING: VULNERABILITY VALIDATION; RISKS & THREATS WITH 5G, IOT, IIOT, OT – 2 CPE

AUGUST 12TH, 2021 MEMBER MEETING, PROTEGRITY PRESENTATION: SHARING SENSITIVE INFORMATION SECURELY – 2 CPE

(September – private board event 2 CPE)

CCSK Training Istvan Berko, reported by individual up to 8 CPE

OCTOBER 14TH 1-ELECTION SYSTEMS AUDIT, 2-COVID-19 DISINFORMATION, STRIPPING THE POLITICS OUT OF CYBERSECURITY – 2 CPE

NOV 11TH, 2021 MEMBER MEETING: SES 1 – WHO’S ACCOUNTABLE ANYWAY; SES 2 – MANAGED SECURITY – 2 CPE

Our board met 12 times in 2021 and provided support to other chapters and organizations as mentors and collaborators. We take pride in being a supporting member of many other California organizations and look forward to our continued partnerships.

From all of us at (ISC)2 East Bay Chapter, We Wish You All
The Happiest of SAFE Holidays
and a Joyous New Year