October 19, 2010

The Privileged Challenge
Michael Wrightson, Cyber-Ark Software

 

Abstract
IT security managers have spent billions of dollars in securing the parameters of their organizations to keep out those who would bring harm to their internal networks. However in recent years, there is more awareness around a particularly insidious threat. It's the insider threat. According to CERT, of the insiders who have either maliciously or accidently exposed critical information on a network; 90% percent of them were given administrative rights to critical systems.

Cyber-Ark will present a discussion on this very serious problem that EVERY organization faces. This presentation called "The'Privileged' Challenge" will discuss how the threat manifests itself, how widespread it is, who typically perpetrates these serious crimes and the best practices for protecting your organization. 

 

About the Speaker
After earning his degree in 1995, Michael joined Carrier Corporation in Syracuse, New York, as a Sr. Messaging Analyst. Michael lead the drive in implementing 18,000 desktops of cc:Mail worldwide and then later the conversion to Microsoft Exchange Server.

In 2000, Michael joined Discus Data where he sold software solutions that helped companies better manage Microsoft Exchange Server. Michael then moved to Aelita Software based in Columbus, Ohio, which was in 2004 acquired by Quest Software. At Quest/Aelita, Michael specialized in identity and access management software solutions. Michael then became manager of all the pre-sales engineers in the Northeast region for Quest Software. In 2006 Michael left a successful career at Quest and moved to a startup specializing in data classification based in Alpharetta, Georgia.

In September 2009 Michael joined Cyber-Ark Software, the market leader in enterprise privileged identity management and a visionary in highly sensitive data security. Today, Michael serves the Manager of Channels for the east coast region of the United States and the Caribbean. Michael manages the relationship between Cyber-Ark and its regional partners such as DLT Solutions, Fishnet Security, Cadre Information Security, Gotham Technology Group and many others.

 

 

 Please RSVP if you plan to attend.

October 19, 2010 6:30 PM

Government Printing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

Click here for details

Note that ID is required for security.  Must pass through metal detector and bags will be x-rayed. Each guest must pass through a metal detector.  The guards will then take him or her to a reception area for ID check. The ID will be exchanged for a visitor badge, and the guest can then be escorted to the meeting room. 

September 15, 2009

September Meeting Topic:
Software Development: The Next Security Frontier
An Introduction to the CSSLP Certification

Glenn Johnson, Certification Consultant
ISC2

According to Gartner Group, over 70% of security software vulnerabilities exist at the application layer, yet there has been little focus on this critical security area.

  •  
    • Why do we need secure software?
    • What does it take to build secure software?
    • Developing a professional standard in software development.
    • Elements of effective software security programs.
    • Security programs are valuable both for commercial software and in-house development
    • About the Certified Software Security Lifecycle Practitioner Certification
       

About Glenn Johnson
Glenn Johnson is a senior certification consultant for (ISC)2.  Prior to joining (ISC)2 Glenn  amassed more than 15 years  of experience as a business development  director in the shipping, tracking, and database delivery software solutions.

Glenn transitioned to the (ISC)2  team in the beginning of 2007 and this past November  took over business development for the CSSLP (Certified Secure Software Lifecycle Professional).  In March of 2009 he built the first/beta CSSLP Education Seminar by inviting organizations like Boeing, EDS, Raytheon, and many others to provide industry input and critique to the existing CSSLP Seminar for final release. The original version was created with the input of ISSA, Microsoft, The Department of Homeland Security, Symantec, Cisco, Xerox, SAFEcode, BASDA, SANS, DSCI, and SRA International.

The CSSLP Education Seminar is now complete and Glenn is working with many major organizations, federal integrators, as well as small private companies to establish security initiatives in the software development lifecycle, or simply to convey their existing proficiency through certification.


September 15, 2009 6:30 PM

740 15th Street NW
4th floor
Washington, DC 20005

Click here for details.

Please RSVP if you plan to attend.   

September 16, 2008

 


Computer Forensics Jujitsu

Inno Eroraha, CISSP, ISSAP, ISSMP, CISM, CISA, CHFI, CCSE, CCSA, SVI, PI

Founder and Chief Strategist -- NetSecurity Corporation

A cyber crime has been committed. The computer used has been identified and is still up and running. The user ("suspect"), "Natalie Kampbell," is claiming that a malware on the system must have downloaded the illicit pornography onto the computer on her behalf. You have been recruited as the forensics professional to conduct this investigation involving Ms. Kampbell, who was still sitting at her computer when the investigators showed up at the doorstep. What steps would you take to find reasonable evidence?

The above scenario is too common today. This presentation walks through the steps that a first responder can execute to produce necessary forensics artifacts that can withstand legal scrutiny of opposing counsel, using just a USB boot disk loaded with forensics tools.

Tuesday September 16, 2008

6:30 PM - 8:00 PM


Location

Radio Free Asia

2025 M St. NW Washington DC

First Floor Conference Room

An accurate headcount really helps our planning.
Please RSVP to  This email address is being protected from spambots. You need JavaScript enabled to view it.

Speaker's Background

Inno Eroraha is the founder and chief strategist of NetSecurity Corporation, a company that provides digital forensics, hands-on security consulting, and Hands-on How-To(r) training solutions that are high-quality, timely, and customer-focused. In this role, Mr. Eroraha helps clients plan, formulate, and execute the best security and forensics strategy that aligns with their business goals and priorities. He has consulted with Fortune 500 companies, IRS, DHS, VA, DoD, and other entities.

Before founding NetSecurity, Mr. Eroraha was a senior manager of information security at Verisign, Inc. In this capacity, he led and established information security business direction, enforced security policies, developed processes for carrying out best practices to protect critical Internet infrastructures. As an advocate, he significantly heightened security awareness among internal and external software developers, customer service, operations personnel, and senior decision makers.