Gaissa header

events header

The Information Systems Security Association Metro Atlanta Chapter is a non-profit group dedicated to providing educational and networking opportunities. We promote the exchange of ideas and knowledge for each member's growth within the information security profession.

 

Jan / Feb / Mar / Apr / May / Jun / Jul / Aug / Sep / Oct / Nov / Dec


Splunk Security Data 101 Workshop
Saturday, Jan 12, 2019

"Splunk Security Data 101"

ISSA Atlanta is hosting a hands-on Splunk Security Data 101 workshop on Saturday, January 12th from 8:30am-4pm at the Georgia Hospital Association. Learn the basics of Splunk and how to use Splunk for various Security use cases. FREE for ISSA Atlanta Chapter members.

  • Learn more about how Splunk can improve your Security posture
  • Experience hands-on activity with Splunk to learn basic search techniques
  • Learn a few advanced search techniques to improve Security research using Splunk
  • View an updated demonstration of some of the latest features in Splunk and Enterprise Security
  • Learn how automation can assist your Security and IT Ops teams that might be short on people power
  • Perform hands-on activity with Splunk's Enterprise Security, premium solution for SIEM

Attendee Requirements:

  • Must bring their own system. Most modern laptops are acceptable.

Agenda:

Splunk Workshop for Security Insights
  • 8:30 - 9:00: Check-in, light breakfast, and Networking
  • 9:00 - 9:30: Overview of Splunk
  • 9:30 - 10:00: Explanation of how search works (with demo)
  • 10:00 - 10:15: Break
  • 10:15 - 11:30: Hands-on activity (learn how to search and create correlation search)
  • 11:30 - 12:30: Lunch break and Networking
  • 12:30 - 1:00: Splunk's Security Portfolio
  • 1:00 - 2:15: Hands-on activity (experience with Splunk Enterprise Security, Top 10 use case examples)
  • 2:15 - 2:30: Break
  • 2:30 - 3:30: Insider Threat Overview (with demo)
  • 3:30 - 3:45: Final Thoughts and Next Steps

Instructors:

Michael Nobles / Colleen Paine

Michael Nobles is a Senior Sales Engineer at Splunk working on his Security SME (subject matter expert) designation. Michael recently completed his CEH to become a Certified Ethical Hacker. During the last 3 years, Michael has been supporting Splunk at various customers across the southeast USA. Prior to that, Michael was at IBM and focused on Hadoop and Big Data for nearly 6 years. Before Big Data, Michael was a sales engineer for data warehousing and business intelligence solutions at IBM. Michael also has a computer science degree from Texas A&M University.

On a quick personal note, Michael has been happily married to his wife, Janelle, for 28 years. Michael has 4 kids, and three awesome grandkids now. His oldest three kids are married and the youngest one is still living at home and going to Georgia State University. When Michael is not at work, you will find him donating his free time at church where he leads the camera team at Passion City Church (http://passioncitychurch.com) and you can see his handy work in the videos published on the site every week (using the "watch" link).

Colleen Paine is a Sr Sales Engineer who has been doing nothing but Splunk since 2012. She lives in Dahlonega with her husband, 6 chickens and large dog, Thor. Thankfully her children are old enough to have left the nest!

Colleen loves riding her bicycle and hiking and she is planning a snowshoeing trip in Yosemite this March. She strives to garden but FAILS- let her know if you can offer her any advice.

Location:
Georgia Hospital Association
1675 Terrell Mill Road
Marietta, GA 30067

Time:
8:30 am to 4:00 pm

Map

Click here to register

(Back to top)


Chapter Meeting for January
Thursday, Jan 31, 2019

"Strategies for Advancing Your Security Career"

Keyaan Williams
CEO at Cyber Leadership and Strategy Solutions, LLC (CLASS_LLC)

Logo

The ISSA developed a Cybersecurity Career Lifecycle (CSCL) that describes the knowledge, skills, and aptitudes required for success at five levels of professionalism. This presentation will explore the career strategy required to achieve success at each level and what people need to do to prepare for success at higher levels.

Keyaan is an experienced executive who specializes in information security, risk management, compliance, and internal controls. He has helped global enterprises, governments, universities, small businesses develop solutions that satisfy legal, regulatory, and operational requirements. He currently serves as the CEO of a professional services firm that focuses on cyber strategy, risk management, and workforce develop for global clients.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for February
Thursday, Feb 28, 2019

"Internal Audit: The Third Line of Defense"

Robin Moore
Sr. IT Auditor at Change Healthcare

Logo

Protecting an organization from security threats is a team effort. Defense in depth means more than just multiple levels of security, it also means multiple departments working together in a common defense. No longer is Internal Audit the exclusive domain of Accountants, and by adding Security Experts to Internal Audit teams an organization can add another level of defense to its security posture. This presentation will look at security from the perspective of the Internal Auditor and discuss key reasons for adding security minded professionals to the Internal Audit teams as well as the common myths behind the adversarial nature of the relationship most departments believe they have with Internal Audit.

Robin is Sr. IT Auditor at Change Healthcare & Professor at Georgia State University. Robin is a part-time Professor in the Computer Information Systems Department at Georgia State University where he teaches Network Security and Hacking as well as Security Audit and Compliance in the Master of Science in Information Systems program. With over a decade of IT experience covering physical security, application security, security auditing, and compliance he recently transitioned to Internal Audit with Change Healthcare as part of their Audit and Risk Advisory Services team with the objective of bringing a security focus to Internal Audit.

Robin holds CISSP and CEH certifications as well as BS and MS degrees in Information Systems and is currently working on his doctoral dissertation in security compliance.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for March
Thursday, Mar 28, 2019

"Cybersecurity Exercises and the Importance of These"

Marian Reed
Sr. Director, Global iSOC, Information Security and Risk Management

Logo

Marian is an experienced Senior Director with a demonstrated history of working in the hospital & health care industry. She is a strong professional skilled in IT Strategy, Team Building, Management, Health Information Exchange, and Healthcare. Currently, Marian is responsible for Global iSOC at McKesson which includes Cyber Security Incident Management and annual exercises.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for April
Thursday, Apr 25, 2019

"Building a Valid Threat Library for Cloud Based Applications"

Tony UcedaVélez
CEO & Founder, VerSprite | Evolved Security Consulting

Logo

Tapping the power of various inherent cloud monitoring and log components in order to build a dynamic threat library that can substantiate your threat model is very possible. In this talk we'll look at both Azure and AWS components to leverage when adding threat context and ultimately an amazing threat library to your application threat model. We'll look at exemplifying these techniques across mission critical infrastructure in Energy and Transportation.

Tony is CEO at VerSprite, an Atlanta based security services firm assisting global multi-national corporations on various areas of cyber security, secure software development, threat modeling, application security, security governance, and security risk management. Tony has worked and led teams in the areas of application security, penetration testing, security architecture, and technical risk management for various organizations in Utility, Banking, Government, Retail, Healthcare, and Information Services. He recently finished his latest book, Risk Centric Threat Modeling with Wiley Life Sciences which was endorsed by the late Howard Schmidt, former cybersecurity coordinator for the White House. Tony regularly speaks at global security and technology conferences/ chapters and has spoken at global events spanning across 13 countries, 4 continents on various security themes. He also has been running the OWASP Atlanta Chapter for the past 9 years.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for May
Wednesday, May 29, 2019

"Introduction to FAIR Risk Analysis"

Donna Gallaher

FAIR Quantitative Risk methodology improves upon the traditional "Red-Yellow-Green" executive dashboard reports by putting risks in financial terms. Applying FAIR methodology within your security program improves the quality of the discussions with your business stakeholders by diving into the assets, threat actors and impact of loss scenarios that are most meaningful to the organization. Once FAIR is methodology is added to your existing risk framework, your board of directors and executive team will be enabled to make better informed funding and risk mitigation decisions using objective data and financial models.

Ms. Gallaher served as a C-Level Strategic Advisor in IT and Cyber Strategy for multiple global companies for over 15 years drawing from her previous successes in engineering, solution selling, IT operations and leadership. She provides value to clients by thoroughly understanding business and regulatory requirements, assessing obstacles and translating technical challenges into business risks allowing technology to function as a business enabler.

Ms. Gallaher is the Chair of the Atlanta FAIR Institute Chapter, serves on the Board of Directors of the Technology Association of Georgia Information Security Society, Evanta CISO Southeast Governing Body and is active in the local ISSA and Cloud Security Alliance chapters. She is active in the lobby efforts to shape cyber security legislation and her recent articles have been published on the National Technology Security Coalition website.

Ms. Gallaher holds CISSP, CCISO, CIPP/E, CIPM , Open FAIR and ITIL certifications and is designated a Fellow of Information Privacy by IAPP. She is a graduate of Auburn University with a Bachelor of Science in Electrical Engineering.

---------------------------------------

Our May Membership meeting is May 29 @ 3:00 at SecureWorld in Ballroom C. Registration is free through SecureWorld using the discount code:

"ISSE" which allows attendance to the Exhibit Hall.

Registration is below:

SecureWorld Registration

VIEW COMPLETE REGISTRATION DETAILS

SecureWorld Details

Immediately following the meeting will be the Opening Reception sponsored by the Metro Atlanta ISSA featuring a Women CISO panel. Start time for the ISSA Women CISO panel is 4 - 6, Keynote Theatre.

There is no charge for ISSA members to attend this. Registration is separate and at this link:

ISSA Executive Panel and Reception

Please be aware that by registering, your information will be shared with the sponsoring vendors for both SecureWorld events.

Location:
Cobb Galleria Centre
2 Galleria Pkwy SE
Atlanta, GA 30339

Time:
3:00 pm to 4:00 pm

Map

Earn CPE credits with attendance

(Back to top)


Career Day
Saturday, June 15, 2019

"Title Coming Soon"

The Metro Atlanta ISSA Chapter is hosting a career day event to help promote career development of Junior to Midlevel Information Security professionals in the Atlanta area.

Please note that while participation in this event is provided free of charge by Metro Atlanta ISSA, participants must register to attend by June 10th. Limited seats are available. Complimentary parking validation for attendees. For additional questions, please send email to careers[at]gaissa[dot]org with any questions.

Location:
Loudermilk Conference Center
40 Courtland St NE
Atlanta, GA 30303

Time:
10:00 am to 3:00 pm

Map

Registration coming soon

(Back to top)


Chapter Meeting for June
Thursday, Jun 27, 2019

"Coming Soon"

Jason S. Lawrence

More information to come.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Registration coming soon

(Back to top)


Chapter Meeting for July
Thursday, Jul 25, 2019

"Demonstration of Application Security Vulnerabilities"

CT Chidambaram
Application Security Architect, Macys Technology

Live Demonstration of common vulnerabilities like SQL Injection, XSS, Local/Remote file inclusion. Including a quick look at the code (simple easy to understand sql/php code) which caused it and how they can be avoided.

CT has a broad experience in building and securing enterprise and embedded systems. He currently works for Macys as an Application security architect. He is responsible for improving software application and systems security for Macys. Evaluates new and proposed security systems, products, and technologies.

Prior to joining Macys, CT worked for US Bank, Cisco Systems, and AT&T in the areas of application security, application development, video encryption/delivery.

CT holds a MBA in information systems from Auburn. He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Scrum Product Owner (CSPO), Certified Scrum Master (CSM) and a Sun Certified Architect for JAVA Technology.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Registration coming soon

(Back to top)


Chapter Meeting for August
Thursday, Aug 29, 2019

"Atlanta, how do we keep the winning streak going?"

David Rubinger
Atlanta Business Chronicle

David has spent the past 30 years as both an award-winning journalist and corporate communications executive. He returned to his roots at Atlanta Business Chronicle in 2015 to become its Market President and Publisher. The Chronicle is one of the largest and most successful business journals in the United States. It is the flagship for American City Business Journals Inc., which has business journals in 43 markets throughout the country.

David began his career in Atlanta with Atlanta Business Chronicle in 1989 to cover banking, investment, and real estate industries. He later served as managing editor and editor of the Chronicle until he joined Ketchum Public Relations as its senior vice president in late 1998. In 2003, David was tapped by Equifax to lead the company's global communications team; and in 2008 struck out on his own to start Rubinger Inc., a boutique corporate communications firm before returning "home" to the Chronicle in 2015.

A native of New York City, David is a graduate of Trinity College in Hartford, CT, where he received a B.A. in government. He is a member of Leadership Atlanta, Emory University Board of Visitors and Emory's Center for Ethics. David is on the board of the Metro Atlanta Chamber and the Atlanta Convention and Visitors Bureau. He lives in Ansley Park with his wife, Hedy, who chairs the healthcare practice at law firm Arnall Golden Gregory.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Registration coming soon

(Back to top)


Chapter Meeting for September
Thursday, Sep 26, 2019

"Beyond Cybersecurity: Why, How, and What Do You Need to Know about Cyber Resilience?"

Michael Melore
IBM

New methods are required to address threats increasing in frequency, sophistication, and impact, in an increasing climate of cost constraints, and resource and skills shortage. Traditional security controls and response can't possibly keep pace.

Private and State sponsored dark web actors are well orchestrated, using innovative AI technologies, leveraging Digital Currencies, their R&D producing wares designed to circumvent traditional security practices have changed the game. You now require innovative security approaches.

The art of effective Threat Hunting, Advanced Analytics, Incident Response, and Cognitive Security are the new Cyber Resilience model.

IBM Cyber Security Advisor, Certified Information Systems Security Professional, author, and recognized subject matter expert in Security Intelligence, Identity Access Governance, and Authorization. Consulting roles include: Lead architect for many of the largest authentication and authorization infrastructures. This includes Billion user authentication infrastructures.

Speaking engagements include passionate discussions correlating blended threats across physical and logical infrastructure boundaries, Security Intelligence and Response, Identity Access Management and Governance, Security Visibility and Response, Defense in Depth, Security Immune Systems, Cloud Security, Business Process Risk Modeling, and Billion User Identity Crisis.

Conference and Summit speaking engagements include key notes, panelist, moderator: IANS Chicago, Executive Alliance CXO Summits across US cities, Executive Network CISO Chapter Meetings across US cities, ISACA Pittsburgh Information Security Awareness Day, ISSA, Fl Cyber Conference, APQC, Rochester Security Summit, Nebraska Cyber Security Conference, Evanta CISO Summits across US cities.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Registration coming soon

(Back to top)


Chapter Meeting for October
Thursday, Oct 31, 2019

"Stopping Threats Faster with NextGen SIEM and SOAR"

Jim Mason
LogRhythm

Today's attackers are resourceful, patient, ruthless and leverage the power of numbers. Organizations often lack the manpower, processes, speed, and technology to combat these attackers. In this session, we will explore using NextGen SIEM, Machine Analytics and Security Orchestration, Automation & Response (SOAR) to enable rapid threat detection and remediation.

Jim Mason, CISSP is an Enterprise Sales Engineer with LogRhythm, specializing in SIEM, log management, network & endpoint monitoring, forensics and security analytics. He has nearly 30 years of Information Systems experience, including tenures at A10 Networks, Riverbed Technology, Fortinet, Cisco Systems, Foundry Networks and Anixter. Jim is a native of Philadelphia, PA and has resided in the Charlotte, NC area since 1994.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Registration coming soon

(Back to top)


Jan / Feb / Mar / Apr / May / Jun / Jul / Aug / Sep / Oct / Nov / Dec


Chapter Meeting for January
Thursday, Jan 25, 2018

"The Impact of GDPR on US Companies"

Bruno Haring
Cybersecurity and Privacy Director at PwC

Logo

The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25, 2018, creating challenges for every organization doing business in the EU before, during and after the deadline. Any entity targeting or monitoring European citizens will need to comply with GDPR. As the largest change to data protection legislation in the last 20 years, GDPR gives regulators unprecedented power to impose fines, requiring widescale privacy changes across organizations - including US-based companies if they conduct business in Europe. The regulation requires a programmatic approach to data protection - like “SOX for privacy” - ¬†so you’ll need a defensible program for compliance and to prove you’re acting appropriately. Learn about the scope and requirements of GDPR and what is required to achieve compliance.

Bruno is a Director and Market Leader with PwC's Cybersecurity and Privacy practice based in Atlanta, GA. With over twenty one years of experience, both nationally and internationally, in cybersecurity and IT risk management and transformation, Bruno helps Fortune 500 organizations navigate and address cybersecurity, IT and governance risks resulting in improved business performance and value.

Bruno focuses in emerging technology and digital risks by working with the Board, C-level suite and Internal Audit tackle information security as a business issue and to improve the organization’s cybersecurity defensible posture and risk management program disciplines. Bruno has a strong background in assessing and implementing cybersecurity, privacy, IT risk, business resiliency, vendor risk, and data protection programs; and delivering third party assurance and IT Internal Audit engagements. Bruno also leads teams in penetration testing and vulnerability assessments, threat modeling, and secure adoption of Cloud based solutions.

Bruno is a proven practice leader, has published thought leadership, is a frequent speaker at various professional associations, and also helps organizations implement and assess against various security, regulatory and compliance frameworks, including ISO27001/2, COBIT, NIST, GDPR, PCI, ISF, and HIPAA. In addition, Bruno has significant experience in the supervision of large scale IT initiatives, and advisory oversight of technology integration engagements.

Prior to joining PwC, Bruno served as an Information Security and IT Risk advisor and competency leader in EY's Advisory practice and in Andersen’s (formerly Arthur Andersen) Business Consulting practice, and in the Global Technology Integration Services group in Andersen Consulting (now Accenture) where he had lead application and data architecture design and development responsibilities nationally.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for February
Thursday, Feb 22, 2018

"The White House and its Dependable Security"

Mark Gelhardt
VP, Technology Governance at Elavon

Logo

Talk about The White House and its Physical Security and its Information Technology Security - what makes it DEPENDABLE and how can you transfer that same type of thinking to what you do in your business.

Mark has over 35 years of experience in providing Executive Level management in the area Information Technology and Information Security fields as a CIO, CSO, and CISO.

Mark started his working career in the Army and retired as a Colonel (select). At the pinnacle of Mark's career he was nominated and selection to work at the White House as the CIO/CISO equivalent, supporting President Clinton, the VP, the White House Staff, and the U.S. Secret Service managing all the classified automation and telecommunications for the Executive Branch.

Since retiring from the Army, Mark has held several executive leadership positions; CIO/CSO for World Airways/Global Areo Logistics (US largest long haul charter airline), Deputy CIO of Global Operations/CISO for InterCall/West (World's largest conferencing company), CISO for TravelClick (SAS in the hospitality space), Acting/Interim CISO for the Georgia Lottery and NCR.

Currently Mark is the AVP, Cyber Risk Remediation for US Bank/Elavon. Mark has been with US Bank/Elavon for 2 half years. Elavon is one of the top five Credit Card processor in the world.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for March
Thursday, Mar 29, 2018

"I See What You Say! Effectively Communicating With Non-Technical Staff"

Tamika Bass
CISO at Georgia Department of Public Health

Logo

You know it's important to talk to your user, but sometimes they just don't get it. This interactive session focuses on techniques for communicating effectively with non-technical staff. It examines some of the concepts around communication, that we, as IT professionals, don't think about.

Tamika is an Information Security professional with extensive experience in information security. Her expertise includes assessing and mitigating risk, analyzing impacts, business continuity and disaster recovery planning. Tamika focuses on building cohesive relationships with all levels of staff, management, and suppliers. She holds a Master in Business Administration and a Master in Information Systems Management. She is an adjunct professor and is a Certified Information Security Auditor (CISA). Tamika is also certified in Risk and Information Security Controls (CRISC) and a Certified Business Continuity Planner (CBCP).

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for April
Thursday, Apr 26, 2018

"Practitioners Approach to Defending against Today's Advanced Adversaries"

Barry Hensley
Chief Threat Intel Officer/SVP at SecureWorks

Logo

Barry Hensley, SVP Chief Threat Intelligence Officer is responsible for the SecureWorks Cyber Threat Analysis Centers (CTAC), the Counter Threat Unit (CTU) Security Research Group and the company's global Incident Response (R) Teams. The CTAC includes GIAC certified security analysts, ranging from front line triage personnel to senior intrusion analysts. The CTU is comprised of the nation's top security experts who identify and analyze emerging cyber threats as well as support incident response engagements with relevant threat intelligence and adversarial context. The CTU also develops high fidelity endpoint and network countermeasures in support of thousands of managed security clients worldwide.

Before joining SecureWorks, Colonel (Ret) Barry R. Hensley was the Director of the Army's Global Network Operations and Security Center (AGNOSC) and was also the Director of Operations, Joint Task Force Global Network Operations (JTF-GNO), which was incorporated into today's U.S. Cyber Command. He has served in various leadership positions within the communications and information security career field throughout his 24 year Army career.

COL (Ret) Hensley holds a BBA in Information Systems from Georgia Southern University, an M.S. in Telecommunications from the University of Colorado, and is a graduate of the National War College. COL Hensley was named the 2009 Georgia Southern University Alumnus of the Year for the College of Information Technology and was named by Federal Computer Week as a 2008 "Federal 100" winner, a select group of top executives in the Federal IT industry.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for May at SecureWorld
Wednesday, May 30, 2018

"Business Language for Cybersecurity with the COSO Enterprise Risk Framework"

Lynn Goodendorf
Director of Information Security (CISO) at Mandarin Oriental Hotel Group

Logo

The COSO Enterprise Risk Management Framework was updated in June of 2017. This new version offers a methodology that can be applied to managing cybersecurity risks. This presentation will cover the key concepts and principles of the COSO framework using realistic examples to show how cybersecurity can follow a true risk based strategy without sacrificing necessary compliance requirements.

Lynn is the Director of Information Security for the Mandarin Oriental Hotel Group with a global scope of responsibility for the information security policies and program at all hotels and corporate offices. She is known for a strategic and risk-based approach with over 25 years of leadership in technology, cybersecurity, data privacy and risk management.

Lynn has been a speaker at ISACA, Infragard's A-List, Secure World and other professional security events and has published articles with TechTarget, Hospitality Upgrade and White Collar Crime Fighter. Her professional associations include ISSA, IAPP and InfraGard, a cybersecurity partnership between the FBI and private sector.

Location:
Cobb Galleria Centre
2 Galleria Parkway Southeast
Atlanta, GA 30339

Time:
3:oo pm - 4:00 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Career Day
Saturday, June 23, 2018

"Tools for Securing the Position"

The Metro Atlanta ISSA Chapter is hosting a career day event to help promote career development of Junior to Midlevel Information Security professionals in the Atlanta area.

Please note that while participation in this event is provided free of charge by Metro Atlanta ISSA, participants must register to attend by June 18th. Limited seats are available. Complimentary parking validation for attendees. For additional questions, please send email to careers[at]gaissa[dot]org with any questions.

Click here to download flyer.

Location:
Loudermilk Conference Center
40 Courtland St NE
Atlanta, GA 30303

Time:
8:00 am to 12:30 pm

Map

Click here to register

(Back to top)


Chapter Meeting for June
Thursday, June 28, 2018

"Developing the Security Leader Within You"

Keyaan Williams
President at ISSA International

Logo

Keyaan Williams will provide a professional development conversation that focuses on the knowledge, skills, and aptitudes in which security professionals should invest to become effective leaders regardless of their HR title or the position. Because security is the linchpin for modern business, our professionals can have a significant influence on the success of their organizations. This power is not limited to the people who work as a CISOs or serve in other executive security positions. Join us for the June 2018 meeting of the Metro Atlanta ISSA to learn more about what every security practitioner can do to be an indispensable leader in his or her organization.

Keyaan has focused on management of information security risk, compliance, and internal controls for regulated enterprises during the last decade working as a risk management executive. He has helped global enterprises, governments, universities, small businesses, and startups develop solutions that satisfy legal, regulatory, and operational requirements. He has a strong technical and analytical background, but he gravitates toward strategic planning and solving complex business problems. This experience has helped him understand that investing in the right balance of people, processes, policies, and technology can produce any outcome an organization desires.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for July
Thursday, July 26, 2018

"Using Tactical Honeypots for Network Security Monitoring"

Chris Sanders
Information Security Author, Researcher, Trainer & Founder of Applied Network Defense

Logo

A strong detection and response capability is required for the success of security program because prevention eventually fails and a motivated attacker can always find a way in. However, economics are not in favor of network security monitoring (NSM). Due to the hardware, software, and labor required it's expensive to deploy an NSM capability and hire qualified analysts to maintain and investigate the high volume of alerts, especially at scale.
In this presentation I'll discuss how honeypots are re-emerging as a practical solution for driving down the cost of network security monitoring. These aren't your traditional honeypots meant to sit outside the firewall to research automated malware. These are focused, use case specific honeypots that are designed to provide detection with a favorable signal to noise ratio. By integrating honeypots into your NSM strategy and taking a targeted approach, a grid of honeypots can realistically become your most cost effective detection tool. I'll make the case for honeypots like these and discuss implementation strategies that I've seen work. You should come away from this presentation with a unique perspective on honeypots and an actionable plan you can use to start evaluating and deploying tactical honeypots in your network.

Chris is an information security author, trainer, and researcher originally from Mayfield, KY but now living in Gainesville, GA. He is the founder of Applied Network Defense, a company focused on delivering high quality, accessible information security training. In previous roles, Chris worked with the US Department of Defense, InGuardians, and Mandiant to build security operation centers and train practitioners focused on defending defense, government, and Fortune 500 networks. Chris is also the founder and director of the Rural Technology Fund, a non-profit that donates scholarships and equipment to public schools to further technical education in rural and high poverty areas. In 2016, the RTF put computer science education resources into the hands of over 10,000 students.

Chris has authored several books and articles, including the international best seller "Practical Packet Analysis" from No Starch Press, currently in its third edition and in seven languages, and "Applied Network Security Monitoring" from Syngress. His current research focus is the intersection of cyber defense and cognitive psychology to enhance the field of security investigative technique through a better understanding of the human thought and learning processes.

Chris blogs at http://www.chrissanders.org. You can learn more about Applied Network Defense at http://www.appliednetworkdefense.com and the RTF at http://www.ruraltechfund.org.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Webinar with Keyaan Williams
Friday, July 27, 2018

"Developing the Security Leader Within You"

Keyaan Williams
President at ISSA International

Logo

This webinar is the online version of a presentation planned for the June chapter meeting of the Metro Atlanta ISSA. This is a professional development conversation that focuses on the knowledge, skills, and aptitudes in which security professionals should invest to become effective leaders regardless of their title or position. Because security is the linchpin for modern business, security professionals can have a significant influence on the success of their organizations. This influence is not limited to the people who work as a CISO or security executive. Join us to learn more about what every security practitioner can do to be an indispensable leader in his or her organization.

Location: Webinar

Time:
12:00 pm to 1:00 pm

Earn CPE credits with attendance

Click here to register

(Back to top)


Capture The Flag (CTF) Workshop
Saturday, July 28, 2018

Matt Robinson, OSCP
Zachary S. Stashis, OSCP, GPEN, GSLC

We are proud to announce our one day training on Capture The Flag(CTF) on Saturday July 28, 2018. This is the free event for our chapter members. If you are non-members, you can pay $125 to join the Metra Atlanta ISSA chapter and attend the training for free.

The first two hours we'll cover passive and active reconnaissance. The next two hours will then cover exploitation and post exploitation of two to three systems. After a lunch break, we'll start a Network King of the Hill (NetKotH) style CTF for the attendees to practice skills learned in the morning.

Agenda:

  • 08:00 - Arrive, connect to WiFi, copy materials for workshop
  • 08:30 - Passive and Active Recon
  • 10:20 - Break
  • 10:30 - Exploitation and Post Exploitation
  • 12:00 - Lunch
  • 13:00 - Introduce and begin NetKotH CTF
  • 16:30 - Wrap up, any final questions, copy of materials, etc
  • 17:00 - Finish

Attendee Requirements:

  • Must bring their own system. Most modern laptops are acceptable. Must know Virtual Machine and Kali Linux.
  • Must be able to run at least one virtual machine. The most recent version of Virtualbox is recommended, but the most recent version of VMWare is also acceptable.
  • Kali Linux VM Download

Location:
Macy's
5985 State Bridge Rd.
Duluth, GA 30097

Time:
8:00 am to 5:00 pm

Map

Click here to register

(Back to top)


2018 CISSP Training
Saturday, August 25, 2018 - Saturday, October 20, 2018

We would like to invite chapter members to participate in our annual 2018 CISSP training.
DID I MENTION WE AWARD THE ROY WILKINSON SCHOLARSHIP FOR ONE OF THE CHAPTER MEMBERS ATTENDING?

The purpose of the $600.00 scholarship is to offset the cost of the CISSP exam. One member who attends the training will be awarded the scholarship based on attendance and other criteria established by the chapter. If you know of someone who is not yet a chapter member, please encourage them to join to take advantage of this valuable training and the many benefits of being an ISSA member!

THE CLASS WILL MEET EVERY SATURDAY FROM 10:00 AM TO 3:00 PM. YOU MUST BE A METRO ATLANTA ISSA CHAPTER MEMBER TO ATTEND. IF YOU HAVE NOT YET JOINED, PLEASE DO BEFORE REGISTERING FOR THE CLASS.

In addition, participants are required to register for an exam date after October 20th. You will need to submit your exam date and Candidate ID upon registration before the first class and bring the copy with you on the first day of class.

Location:
Georgia Hospital Association
1675 Terrell Mill Road
Marietta, GA 30067

Time:
10:00 am to 3:00 pm

Map

Click here to register

(Back to top)


Chapter Meeting for August
Thursday, Aug 30, 2018

"Five Key Lessons for CISOs"

Deborah Wheeler
Chief Information Security Officer at Delta Airlines

Logo

I've been in security for almost 30 years now and learned quite a bit that I'd like to pass along. Most individuals already have access to a number of technical summits and conferences where they are inundated with the threats, malware and tactics being used to infiltrate and wreak havoc in organizations. But there is more to security than this. This presentation will share five of the key lessons learned over the course of my career that aspiring CISOs, or anyone in the security space could hopefully learn from and use in their own careers.

Deborah is a Global Information Security Executive with 25 years of experience in the technology sector, and 20 years in Financial Services. Deborah is currently the first, Global Chief Information Security Officer for Delta Air Lines, having joined the company in February 2017. Previous experiences include roles as Chief Information Security Officer for Fifth Third Bank, Ally Financial, and Freddie Mac, as well as Director of Information Security Program at JPMorgan Chase, and PNC Bank.

Deborah was nominated for, and won the People's Choice Award for CISO of the Year in 2007, and has served on the Customer Advisory Boards for Symantec and Axent Technologies. Deborah is a board member of the Aviation ISAC (A-ISAC) and a member of the IBM Security Board of Advisors. Deborah has previously served as a Governing Board Chair for Evanta's CISO Executive Forum in Washington, DC, and has served in the same capacity for the CISO Executive Boards in Michigan and Ohio. Deborah has also served as a judge on the Washington, DC Women in Information Technology (WIT) board and as a judge for the Washington, DC SINET event.

Deborah holds a CISSP certification and is a graduate of the University of Colorado with a Bachelor of Science degree in Information Systems Management.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Women in Security
Monday, Sep 10, 2018

"JOIN US FOR THE WOMEN IN SECURITY EVENT"

We hope that you can join the Metro Atlanta ISSA Chapter on September 10th for their upcoming Women in Security event. In addition to a reception with networking opportunities, this year's event will also feature a speaker session and a panel, both led by Marci McCarthy, CEO & President, T.E.N. Below, you can find more information about each.

Flyer coming soon.

Location:
One Alliance Center
SAP America
3500 Lenox Rd
GT12
Atlanta, GA 30326

Time:
3:30 pm to 7:00 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for September
Thursday, Sep 27, 2018

"Threat Hunting - Answering the question, What's on Your Network?"

Ray Strubinger
Managing Consultant for Digital Forensics & Incident Response at VerSprite

Logo

Threat hunting is a collection of techniques that attempts to determine if malicious activities are taking place in an organization's computing environment. Threat hunting often takes place after a known or suspected compromise and is used to confirm the incident and determine its extent.

Many organizations use threat hunting to assess the capabilities of their security infrastructure as the techniques in threat hunting provide a 'check and balance' against traditional security technology. Recently many organizations have expanded their use of threat hunting to supplement their merger and acquisition efforts. Ray Strubinger, Managing Consultant for Digital Forensics & Incident Response at VerSprite has lead threat hunting efforts in each of the above scenarios and will share his experiences and the lessons learned from assessing diverse environments. The presentation will share an adaptive, heuristic approach that has been successfully used to identify compromised assets, rogue accounts, unauthorized software, organizational policy violations and poor security practices.

Ray is an Information Security practitioner whose career experience includes financial services, healthcare, higher education, startups and consulting. He is the Managing Consultant for Digital Forensics & Incident Response with VerSprite, an Atlanta based cyber security firm.

Ray has built international teams that delivered around the clock monitoring and response capabilities, guided organizations through complex breach responses and mentored new professionals to the field. He is a CISM and holds certifications from the SANS Institute in the areas of digital forensics, incident response and auditing as well as an MBA from the Georgia Institute of Technology.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


2018 ISSA International Conference
Oct 17 - 18, 2018

"Securing Tomorrow Today"

Logo

Join us October 17 - 18, 2018 at the Georgia World Congress Center in Atlanta for solution oriented, proactive and innovative sessions focused on Securing Tomorrow Today.

Every day, cyber threats become increasingly intricate and difficult to detect. No cyber security professional can become an expert on these dangers without continued efforts to educate themselves on the industry's latest trends and technologies.

Location:
Georgia World Congress Center
285 Andrew Young International Blvd NW
Atlanta, GA 30313

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Chapter Meeting for November
Thursday, Nov 29, 2018

"A Conversation of Cyber Resilience and Operation Under Maximum Stress"

Nicole Keaton Hart
Cybersecurity Strategist & Chief Information Officer | Public & Private Sector

Beyond, the massive amount of valuable data housed by state and local agencies for a multitude of reasons have become an attractive target for cybercriminals. While there are many similarities stark differences exist between private sector organizations and local government municipalities. Yet each must be prepared to operate under maximum stress whether instantiated by cyberattack or other external events and factors.

During the presentation Keaton Hart will provide a compare and contrast style dialogue differentiating between private and public sector requirements of cyber resilience.

Nicole is an influential leader with the ability to act as a cultural change agent, driving security and digital transformation initiatives. During her IT career spanning more than 20 years, she has held key Senior Leadership and Strategic Executive Advisory CIO and CISO Roles while keenly focused on ensuring IT, Business and Cyber Security operate in harmony. Previously she held executive leadership roles such Senior Vice President of SunTrust Bank. Nicole has lead comprehensive cross-organizational initiatives in support of business goals and objectives within Financial Services, Insurance, Retail, Healthcare Technology, Consumer Packaged Goods and Oil and Gas industries. Today, Nicole spends most of her time serving in the capacity of Cybersecurity Strategist and Deputy Chief Information Officer balancing competing priorities of Digital Transformation and Cyber Security.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)


Mapping Application Security Defects to OWASP and STRIDE
Saturday, Dec 8, 2018

Damien Suggs
Conference Chair / Board Member | ISSA Metro Atlanta

Damien has been in the IT Security Field in various capacities for over twenty years working in environments such as telecommunications, the public sector, healthcare, and retail. Mr. Suggs has extensive experience in PCI compliance, NIST and HIPAA regulations, and EHNAC regulatory compliance. Mr. Suggs spearheaded the effort to ramp of HIPAA regulatory compliance for AT&T when the HITECH act was enacted as part of the American Recovery and Reinvestment Act of 2009 that brought AT&T, a backbone carrier of sensitive personally identifiable information, into scope for HIPAA requirements. Mr. Suggs also worked with AT&T and Aarons to obtain PCI accreditation annually by verifying security controls from both a network and web application perspective.

Damien is well versed in ethical hacking and penetration testing both from an application and network perspective. He is also well versed in Python scripting and the use of many open source and commercialized tools that work together to create a secure computing environment and assist in the implementation of a secure software development life cycle. Mr. Suggs has extensive experience in the use of LockPath Keylight GRC architecture.

Damien is a leader in the IT Security area and is the immediate past president of the Metro-Atlanta ISSA chapter. He served as president for five years; however, during his eight-year relationship with the Metro-Atlanta ISSA chapter he assisted the chapter grow in roles such as Director of Membership, Director of Training, Conference Chair and Chapter Secretary. Mr. Suggs holds twenty three IT security certifications including the CISSP, SANS GPEN, MSCE, CCNA, CCNA, and CCNE.

Course Outline:

This course will explain all of the components that go into an application security program and how to deliver effective metrics to upper-management to make educated decisions in steering the software development lifecycle to a higher security posture.

  • Overview of S-SDLC Components
    • Dynamic Application Security Testing (DAST)
    • Source code (or Static) Application Security Testing (SAST)
    • Threat Modeling
    • Risk Based Security Tests
    • Abuse Cases
    • Security Requirements
    • Security Operations
  • Overview of OWASP
  • Overview of STRIDE
  • Workshop
  • Reporting of Metrics

Location:
Georgia Hospital Association
1675 Terrell Mill Road
Marietta, GA 30067

Time:
8:00 am to 5:00 pm

Map

Earn CPE credits with attendance

Click here to register

(Back to top)