Highlights

InfoSec Institute 20% Discount Program

Intense School / InfoSec Institute are national providers of IT and InfoSec professional development courses. They offer ISSA members 20% off any currently valid training program. Courses/boot camps include Ethical Hacking, Computer Forensics, Web Applications Penetration Testing, CISA, CISM, etc. You must provide proof of ISSA membership to the enrollment specialist to receive the discount.

2014 May Security Seminar

Content from the Seminar

Download PDF Seminar Details – Flyer

Download PDF PCI-Compliance-and-v3_SecurityMetrics_Halbleib

Download PDF On-the-Horizon-Physical-Security_ELF-WORKS-INC_Figge

 

You won’t want to miss this seminar!

Speaker: Matt Halbleib, Sr. Qualified Security Assessor, SECURITYMETRICS – “PCI Compliance and Version 3.0”. Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures Version 3.0, was released in November 2013. Matt will discuss the key changes including those in the physical security requirements, some information from compromises his forensic teams have investigated, and some common problems they encounter with clients.
Speaker: Darrell Switzer, Managing Consultant, Incident Management Practice, FISHNET SECURITY – “What Lurks in Your Networks”. Threats are evolving faster than current security defenses. Organized and often well-funded criminals are after the money and Nation-States are after the intelligence. Darrell will provide an overview of what his incident management team is seeing in the wild and how highly performing organizations are combating today’s targeted threats. He will address the problems, targets, victims, motivations, breach and response metrics, how to tell whether you have been breached, and what to do about it. He will also provide key concepts for combating modern threats.
Speaker: David Figge, President, ELF WORKS INC. – “What’s On the Horizon with Physical Security?”. David describes the current and emerging trends in physical security regarding access control, badging, and video surveillance. He will approach this topic from the point of view of the user and will cover both the technologies and the impacts they will have in commercial security settings.
When: Thursday, May 8th, 2014; 9:00 am – 1:00 pm (check-in starts at 8:30 am)
Cost: ISSA and ISACA members: $35, Non-members: $50, limited seating – register today!
Where: LDS Riverton Office Building (see map for directions).
Note: Those who register online prior to the event are not required to provide photo ID at the door.
Credit: 3 CPE Credits
Join ISSA: To join the ISSA, visit https://www.issa.org/Join.html. General membership annual fee is $110; student fee $45 per year.

 

 

 

2014 Spring Security Seminar

Presentations:

Download PDF Incident Response: Six Steps for Managing Cyber Breaches – Guidance Software

Download PDF BYOD and Mobile Application Security – Security Aim

Download PDF Consuming-Threat-Intel-More-Effectively_Rolston

 

Registration: Registration Closed

Download PDF  Download Flyer

We anticipate a great seminar loaded with good information!
Special thanks to our sponsors, Qualys and Guidance Software.

Speaker:

Richard Thompson, Director – Professional Services, GUIDANCE SOFTWARE

“Incident Response: Six Steps for Managing Cyber Breaches”

Now that security breaches are practically unavoidable, organizations must adopt new postures to be prepared for and successfully respond to incidents at the first sign of intrusion. The speed at which you identify the breach, halt the progress of infectious malware, stop access to and exfiltration of sensitive data, and remediate the threat will make a significant difference in controlling risk, costs, and exposure during an incident. This presentation will outline the six essential steps to effective incident response in order to greatly increase your success in managing cyber breaches.

Speaker:

Dmitry Dessiatnikov, President, SECURITY AIM

“BYOD and Mobile Application Security”

The explosion of the mobile application market, coupled with acceptance of “bring your own device” (BYOD) in enterprise environments, comes with its own unique security risks. While driven by a rise in productivity, convenience and overall user satisfaction, BYOD increases the attack surface in ways that most businesses are not prepared for. In this presentation we will cover the reasons for concern along with a live demonstration of a remote compromise of an Android phone in a corporate environment. We will also discuss the OWASP Top 10 mobile risks and demonstrate some common issues with a vulnerable iOS mobile application. A free tool will be shared with the audience that can be used to assess their corporate BYOD environments.

Speaker:

Bri Rolston, Chief Research Geek, GkCHICK RESEARCH

“Threat Intel, Proper Use and Application.”

Case Study: Red October attacks. She will break down the threat intel used and show how to develop a technical security response plan for it. Few security teams have the ability to read threat information, understand how it affects risk, and then develop a strategic technical response.

When: Thursday, 6th of March 2014; 9:00 am – 1:00 pm (check-in starts at 8:30 am)
Cost: ISSA and ISACA members: $35, Non-members: $50, limited seating – register today!
Where: LDS Riverton Office Building (see map for directions).
Note: Those who register online prior to the event are not required to provide photo ID at the door.
Credit: 3 CPE Credits
Join ISSA: To join the ISSA, visit https://www.issa.org/Join.html. General membership annual fee is $110; student fee $45 per year.

 

 

 

2014 Utah ISSA Chapter Events

The following are the dates for the 2014 Utah ISSA Chapter events:
  • ISSA Utah Winter Security Seminar – 6 March 2014, 8:30 am – 12:30 pm, @ LDS Riverton Office Building, 3740 West Market Drive, Riverton, UT, 84065; three speakers, breakfast and lunch.
  • ISSA Utah Spring Security Seminar – 8 May 2014, 8:30 am – 12:30 pm, @ LDS Riverton Office Building, 3740 West Market Drive, Riverton, UT, 84065; three speakers, breakfast and lunch.
  • ISSA Utah Fall Security Seminar – 11 September 2014, 8:30 am – 12:30 pm, @ LDS Riverton Office Building, 3740 West Market Drive, Riverton, UT, 84065; three speakers, breakfast and lunch.
  • ISSA Utah Holiday Luncheon – 4 December, 11:30 am – 1:00 pm, University of Utah Alumni House, 155 Central Campus Dr, Salt Lake City, UT 84112; one speaker, lunch.

Annual Holiday Luncheon 2013

The Holidays are Here!

We will be hosting the chapter’s annual holiday luncheon on Dec 5.  This luncheon is free to chapter members.

Our speaker this year is Pete Ferguson, of eBay Inc., who will discuss Why and How to Partner with Physical Security.  Pete’s remarks should provide an interesting focal point for the event.  Please come and enjoy the afternoon with ISSA Utah.  We look forward to seeing you there!

RSVP Today!

To obtain an accurate count of those who will attend our upcoming holiday luncheon please RSVP at: http://www.rsvpmenow.com/, with the event code: 26453.

Another option would be to use this QR code from your smart phone.

Annual Holiday Luncheon 2013

Date: December 5, 2013
Time: 11:30 am – 1:00 pm

Location: University of Utah Alumni House

155 Central Campus Drive
University of Utah, Salt Lake City, UT 84112
USA

Cost: Free for ISSA members; $25 for non-members

Speaker: Pete Ferguson, Manager, Safety & Security Program Development, eBay Inc

Topic:  Why and How to Partner with Physical Security

Securing people and places is often overlooked when compared to information security risks. Preventing people from gaining physical access to your facility and ensuring that a good people-based crisis management program is in place are critical to the overall security strategy.

Speaker Bio: Pete has worked with eBay since it first came to Utah in 1999. With only 1,500 global employees at the time, he was on the ground level and responsible for introducing safety and security policies and practices to Utah, and shortly thereafter to many additional locations as the company grew. He has served as a manager for global customer service locations and regional manager for both the Americas and Asia Pacific regions. With an educational and experiential background in Communications and Public Relations, he is now responsible for policy, awareness, and auditing programs for eBay’s 500+ global Safety and Security team. He also holds his Certified Protection Professional (CPP) designation from the American Society of Industrial Security (ASIS).

 

 

 

 

Fall Security Seminar 2013

The Utah chapter of the ISSA is pleased to announce our Fall Security Seminar.

 

Presentations from the Event:

pdf 2013-Fall_Enterprise-Vulnerabilties-Mgmt-Best-Practices_Qualys

pdf 2013-Fall_Too-Much-Security_Nelson

pdf 2013-Fall_Securing-the-Virtual-Environment_OPS-CSM1209_Ottenheimer

 

pdf  Full Event Details Here

Registration is closed.

 

When: Thursday, 26 September 2013; 9:00 am – 1:00 pm (check-in starts at 8:30 am)

Cost: ISSA and ISACA members: $35, Non-members: $50, limited seating – register today!

Where: LDS Riverton Office Building (see map for directions).
Note: Those who register online prior to the event are not required to provide photo ID at the door.

Credit: 3 CPE Credits

Join ISSA: To join the ISSA, visit https://www.issa.org/Join.html. General membership annual fee is $110; student fee $45 per year.

 

Featured Speakers

Grant Johnson & Jeff Buzzella, of QUALYS

“Best Practices, Audit & Control of an Enterprise Vulnerability Management Program”

  • What is Enterprise Vulnerability Management (EVM)?
  • What are the Key elements of the EVM program?
  • IT Inventory – Risks and Control Tests.
  • Vulnerability Scope and Risk evaluation – Risks and Control Testing.
  • Vulnerability Scanning – Things to be aware of…
  • Remediation Process /Tickets/ Risk and Control Testing.
  • Exception Process – What you choose to ignore can bite you!

 

Davis A. Nelson, Jr., Founder of Integrity Technology Systems.

“IT Risk Management: Because You Can Have too Much Security”

Dave will show how using proper IT risk management techniques can help organizations prioritize information security expenditures to get the best ROI.

 

Matthew Wallace, Director, Product Development, VIAWEST.

“Securing the Virtual Environment: How to Defend the Enterprise Against Attack.”

This presentation offers a broad look across virtualization used in various industries as well as a narrow view of vulnerabilities in virtual environments. It examines the differences between a virtual model and traditional computing models, and the appropriate technology and procedures to defend it from attack:

  1. Dissects and exposes attacks targeted at the virtual environment and the steps necessary for defense;
  2. Covers information security in virtual environments: building a virtual attack lab, finding leaks, getting a side-channel, denying or compromising services, abusing the hypervisor, forcing an interception, and spreading infestations;
  3. The state of security and compliance in the cloud.

How Do I Join ISSA?

Glad you asked!  Just visit the National ISSA Website for all the info.

The URL for new member sign up is https://www.issa.org/general/register_member_type.asp?

Attend IANS Security Forums for 50% Discount

IANS Research has a co-marketing agreement with ISSA International. Part of the agreement gives ISSA members a 50% discount on all IANS Forums. All ISSA members can register for $675 rather than $1350. See the IANS events page for more information. The Forum closest to Utah is in San Francisco 15-16 Oct. For more information on this event and for registration, see the IANS San Francisco Information Security Forum 2013 landing page.

Paraben’s Forensic Innovations Conference (PFIC 2013)

Paraben’s Forensic Innovations Training & Conference is scheduled for 13-15 November at Snowbird. There are three tracks.

Conference Track ($199.00) — it includes attendance in over 20 different sessions on the latest techniques and issues facing the industry.

Advanced Training Track ($399.00) — it includes attendance in three 8-hour courses which are:
- Intrusions and Forensic Footprints (Hacker vs. Investigator)
- Advanced Memory Analysis, Malware Triage & Log Analysis
- Advanced Mac Forensics

Specialist Training Track ($399.00) — it includes two 4-hour sessions each day and you rotate through all the topics which are:
- On-scene Triage Techniques
- Shadow Volumes & Windows Artifacts
- Chip-Off Forensics for Mobile Devices
- USB Drive Investigation & Tracking in a Multi-OS Environment
- Python Forensics
- Mobile Forensics Logical and Physical Acquisition & Analysis

PFIC also includes after-hours activities for everyone and daytime activities for spouses.

For the complete agenda and registration, go to www.pfic-conference.com.

Summer Security Seminar 2013

The Utah chapter of the ISSA is pleased to announce our Summer Security Seminar.

Presentations from the Seminar:

Speaker Brady Bloxham, founder SILENT BREAK SECURITY
“Professional Penetration Testing: Creating and Learning in a Hacking Lab”
pdf Blackhat Hacking

 

Speakers: Dave Norwood, President of Trusted Network Solutions.
Jim Brown, Chief Network/Security Architect at L3 Communications.
“We are Truly in a State of War on the Internet!”
pptx 2013summer_war-on-internet.pptx

 

Speaker: Heather McCalley, of MALCOVERY Security

“Phishing Intelligence.”
More Information Here

 

Event Information

Speaker: Brady Bloxham, founder SILENT BREAK SECURITY

“Professional Penetration Testing: Creating and Learning in a Hacking Lab”

Threats, attacks, and hacks your organization is facing are becoming more targeted and advanced. To properly prepare, penetration tests and security assessments need to be realistically modeled to mimic the changing threat landscape. This presentation will dive into the technical tricks, tactics, and techniques that attackers are using against you. Understanding how attackers gain access, expand presence, and exfiltrate sensitive data is the first step in defending against it.

Speakers: Dave Norwood, President of Trusted Network Solutions.
Jim Brown, Chief Network/Security Architect at L3 Communications.
“We are Truly in a State of War on the Internet!”

Dave and Jim will dive deep into the most current security topics including a focus on cyber warfare and state-sponsored cyber espionage. The latest security reports will be discussed as well as real-life examples of attacks happening right here in Utah.

Speaker: Heather McCalley, of MALCOVERY Security

“Phishing Intelligence.”

Traditional phishing response in the past has been limited to the game of Whack-A-Mole where phishers make new websites, banks report those to Take Down companies, who then try to shut the site down before very many customers lose their credentials to criminals. By clustering related phishing sites and ordering the clusters by prevalence, investigations and countermeasures can be prioritized and modified in response to the threat.

 

  • When: Thursday, 20 June 2013; 9:00 am – 1:00 pm (check-in starts at 8:30 am)
  • Where: LDS Riverton Office Building (see map for directions)
  • Note: Those who register online prior to the event are not required to provide photo ID at the door.
  • Cost: ISSA and ISACA members: $35
  • Non-members: $50
  • Seating is limited – register today!
  • Credit: 3 CPE Credits
  • Join ISSA: To join the ISSA, visit https://www.issa.org/Join.html. General membership annual fee is $110; student fee $45 per year.