ISSA-NE.org
  • Home
  • Events
    • March Blue Team Workshop
  • Sponsors
    • Cybereason
    • Sayers
    • digital shadows
    • Semperis
    • knectIQ
  • Call for Speakers
  • About
  • Archive
    • 2021 Archive >
      • ISSANE at SecureWorld
      • Feb 2021 Webinar
    • 2020 Archive >
      • December 2020 Virtual ISSA NE Members-Only Roundtable
      • November 2020 Virtual ISSA NE Annual Meeting
      • 2020 October ISSA NE Red Team Hunt
      • Virtual 4th Annual Boston Cyber Security Summit - Nov. 5, 2020
      • 2020 September Webinar
      • Cyber Security Summit POWERHOUR - July 2020
      • 2020 June Webinar
      • 2020 May Webinar
      • 2020 April Webinar
      • 2020 February Zoom Meeting
      • SkiCon New England - Feb. 2020
    • 2019 Archives >
      • ISSA NE December 2019 Members-Only Roundtable
      • SANS Boston event - April 2019
      • 2019 November Chapter Meeting
      • 2019 ISSA NE February Tech Talk
      • 2019 May Chapter Meeting
      • 2019 July Chapter Meeting
      • ISSA NE Chapter Meeting at SecureWorld Boston
      • Cloud Security Alliance 2019 Boston Chapter Forum
      • October 2019 Cybereason event > Prevent Cyber Stalking
      • 2019 SecureWorld Boston
    • 2018 Archives >
      • 2018 November 7 Chapter Meeting
      • 2018 Cybereason > The AI Hunting Tour
      • 2018 September Chapter Meeting
      • 2018 ISSA NE Briefing
    • 2017 Archives >
      • 2017 Annual Chapter Meeting & 30th Anniversary Celebration
      • 2017 September Chapter Meeting
      • 2017 Annual Sponsor Expo and Chapter Meeting
      • 2017 April Chapter Meeting
      • 2017 March ISSA-NE Breakfast and Presentation at SecureWorld
  • Contact

2018 September Chapter Meeting


You are invited to The ISSA New England Chapter's 2018 Chapter Meeting for a morning packed with well-known practitioners in the field of Information Security as well as networking with your peers.

Attendees will earn 4 CPEs

Where:                Boston Children’s Museum, 308 Congress St, Boston, MA 02210
When:                  Tuesday September 25th, 2018

AGENDA:
8.00am – 8.30am              Welcome and breakfast
8.30am – 9.20am              Improving Operations without Technology by Mark Abrams
9.25am – 10.15am            Align and Prioritize Your Cyber Risk Program Strategy by John Mumford, Fellsway Group,
10.30am – 11.15am         Hacking Your Enterprise by Reversing Engineering Your Mobile Apps by Tony Ramirez, Nowsecure
11.20am – 12.15pm         I Know Your Password by Patrick Laverty, Rapid 7
12.15pm – 12.30pm         Closing Comments
 
Improving Operations without Technology by Mark Abrams
Mark Abrams is a certified Lean Six Sigma Black Belt with over 14 years of experience improving processes in a variety of areas including: HR/Payroll, Call Centers, Warehouse Operations, Clean Room Manufacturing, Supply Chain, IT Help Desk, Professional Services and Security Operations Centers. He most recently spent 5 years at Akamai Technologies in Cambridge, Massachusetts, three of which were spent improving operations in their Professional Services and Global Security Operations Centers. He is a certified Lead Auditor for ISO 9001 and 27001. Mark is also the Chair of the American Society for Quality’s Government Division.
​
In today’s fast paced Network, Security Operations and IT environments, management faces a myriad of challenging scenarios that impact everything about their operation. Transactions overwhelm staff, operational risk increases each day and operational costs continue to rise as employee burnout also increases.  As such, it’s easy for management to turn to technology solutions to help improve their operations. What’s often forgotten about in complex technology environments are people, processes and communication.
 
 Align and Prioritize Your Cyber Risk Program Strategy by John Mumford, Fellsway Group
John Mumford, Director Global Security for Fellsway Group. John has extensive experience in Cyber Security program development, program strategy, implementation and management for multiple security solutions. John is on advisory boards for leading Cyber Security product vendor in GRC, IAM and Advanced Security analytics.

In today’s complex business environment, a comprehensive cyber risk management program based on your specific business and your unique brand is essential. In cybersecurity and cyber risk management, one size does not fit all. Every business is unique, with their own strategy, their own identity, and their own tolerance for risk. Fellsway Group’s belief is that all cyber risk management activities should be prioritized and aligned to the corporate strategy. We believe organizations need to create a culture of awareness and accountability to effectively protect their Brand. By quantifying cyber risk and putting risk decisions into business process owner’s hands, we can create your “Pathway to Risk Intelligence.”

Hacking Your Enterprise by Reversing Engineering Your Mobile Apps by Tony Ramirez, Mobile Security Analyst, NowSecure
As mobile security analyst at NowSecure, Tony Ramirez consults with customers and performs mobile app penetration testing of iOS and Android apps as part of the NowSecure Services team. Tony holds a master's degree in cyber forensics and security from Illinois Institute of Technology.
​
In this eye-opening session, Tony will uncover and expose how attackers identify and exploit mobile app security vulnerabilities in commercial and custom mobile apps to compromise your enterprise. Through a series of live scenarios using open source and commercial tools from the attacker POV, Tony will crack and exploit vulnerabilities in mobile apps to show how attackers steal sensitive data and gain access to systems…and then share best practices on how to protect yourself and your enterprise. Don't miss this event!

I Know Your Password by Patrick Laverty, Rapid 7
Patrick Laverty is a security consultant for Rapid7. Patrick works from home in Lincoln, RI where he is a penetration tester. He tests computer networks of all kinds and sizes, as well as web, API and mobile applications. He runs the Rhode Island based DefCon 401 group and created the Layer 8 social engineering conference held in Newport, RI in June.

Passwords can be the "keys to the kingdom". If you're only using passwords to access systems, you're trusting the strength of passwords to protect this access. Through research, Patrick has seen trends and patterns in the passwords that people choose. On nearly every penetration test, he can guess at least one user's password. With that single point of access, an attacker can then try to escalate privileges through the network. Patrick will show the research he has been doing about these password patterns as well as show you how you could get started in doing the same, along with some tips and tricks to speed up the process.
Presentation slides - see below for PDF's of the presentations.
fg_align_prioritize_issa-ne.pdf
File Size: 927 kb
File Type: pdf
Download File

improving_your_processes_without_technology_issa.pdf
File Size: 1244 kb
File Type: pdf
Download File

iknowyourpassword.pdf
File Size: 9319 kb
File Type: pdf
Download File

Powered by Create your own unique website with customizable templates.
  • Home
  • Events
    • March Blue Team Workshop
  • Sponsors
    • Cybereason
    • Sayers
    • digital shadows
    • Semperis
    • knectIQ
  • Call for Speakers
  • About
  • Archive
    • 2021 Archive >
      • ISSANE at SecureWorld
      • Feb 2021 Webinar
    • 2020 Archive >
      • December 2020 Virtual ISSA NE Members-Only Roundtable
      • November 2020 Virtual ISSA NE Annual Meeting
      • 2020 October ISSA NE Red Team Hunt
      • Virtual 4th Annual Boston Cyber Security Summit - Nov. 5, 2020
      • 2020 September Webinar
      • Cyber Security Summit POWERHOUR - July 2020
      • 2020 June Webinar
      • 2020 May Webinar
      • 2020 April Webinar
      • 2020 February Zoom Meeting
      • SkiCon New England - Feb. 2020
    • 2019 Archives >
      • ISSA NE December 2019 Members-Only Roundtable
      • SANS Boston event - April 2019
      • 2019 November Chapter Meeting
      • 2019 ISSA NE February Tech Talk
      • 2019 May Chapter Meeting
      • 2019 July Chapter Meeting
      • ISSA NE Chapter Meeting at SecureWorld Boston
      • Cloud Security Alliance 2019 Boston Chapter Forum
      • October 2019 Cybereason event > Prevent Cyber Stalking
      • 2019 SecureWorld Boston
    • 2018 Archives >
      • 2018 November 7 Chapter Meeting
      • 2018 Cybereason > The AI Hunting Tour
      • 2018 September Chapter Meeting
      • 2018 ISSA NE Briefing
    • 2017 Archives >
      • 2017 Annual Chapter Meeting & 30th Anniversary Celebration
      • 2017 September Chapter Meeting
      • 2017 Annual Sponsor Expo and Chapter Meeting
      • 2017 April Chapter Meeting
      • 2017 March ISSA-NE Breakfast and Presentation at SecureWorld
  • Contact