FutureCon: Columbus CyberSecurity Conference
Aug
21
8:00 AM08:00

FutureCon: Columbus CyberSecurity Conference

  • DoubleTree Suites by Hilton Hotel (map)
  • Google Calendar ICS

 ISSA would like to invite our members with a complimentary pass. 

Please use the promo code ISSA to register for a full day pass.

8 CPE CREDITS

“Cybersecurity is no longer just an IT problem"

Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology and interact with the world's security leaders and gain other pressing topics of interest to the information security community.    

This event is being documented for a CISO series by Cybercrime Magazine.

A collaboration of CISO interviews are being conducted at each event.

Schedule

8:00 AM – 8:50 AM: Networking Coffee and Lite Fare

8:50 AM - 9:00 AM: Welcome and introductions

9:00 AM - 9:30 AM: DESTROYER: Why Intelligence in InfoSec Matters

9:30 AM - 10:00 AM: BTEP (Barracuda Total Email Protection)

10:00 AM - 10:30 AM: Vendor and Peer Networking

10:30 AM - 11:00 AM: Cyber Defense…Try Offense: Six practices in cybersecurity for IT and Execs to beat Hackers and satisfy Regulators. Here’s how it’s done.

11:00 AM - 11:30 AM: Managing the Modern Attack Surface with a Ground-Breaking New Innovation - Predictive Prioritization

11:30 AM - 11:50 AM: Vendor and Peer Networking

11:50 AM - 1:00 PM: Keynote Speaker, Deneen Defiore, “Practical Approaches to Security Operations”

1:00 PM - 1:20 PM: Vendor and Peer Networking

1:25 PM - 1:55 PM: Overview of Zero Trust

2:00 PM - 2:30 PM: Network Data: Powering the Modern SOC

2:30 PM - 2:45 PM: Vendor and Peer Networking

2:45 PM - 3:15 PM: The Shift to Self-Learning, Self-Defending Networks

3:15 PM - 3:45 PM: Is AI a Silver Bullet in Cyber Security?

4:00 PM - 4:45 PM: Panel Discussion: Proving Cyber Security Effectiveness

4:45 PM - 6:00 PM: Closing Remarks/Networking Cocktail Reception

View Event →
Fall 2019 CISSP Class
Sep
5
to Dec 5

Fall 2019 CISSP Class

  • The Ohio State University Airport (map)
  • Google Calendar ICS

40+ HOURS of instructor-led training to help you prepare for the (ISC)2 Certified Information Systems Security Professional (CISSP) exam.

About this Event

The Central Ohio ISSA Fall CISSP prep classes will be held on Thursday evenings from 6 - 9 PM at The Ohio State University Airport event space.

ISSA membership information at: https://www.issa.com/member-benefits/join-issa

Members: $295

Non-Members: $500

September 5 - Kickoff

September 12 - Security and Risk Management - Part 1 (Security GRC)

September 19 - Security and Risk Management - Part 2 (Law & Ethics)

September 26 - Asset Security

October 3 - Security Engineering - Part 1 (Security Architecture)

October 10 - Communications & Network Security - Part 1

October 17 - Communications & Network Security - Part 2

October 24 - Security Engineering - Part 2 (Cryptography)

October 31 - Identity and Access Management (Access Control)

November 7 - Security Assessment and Testing & and Physical Security

November 14 - Security Operations (Operations Security & BCP/DRP)

November 21 - Software Development Security (Application Security)

November 28 - No class (Happy Thanksgiving!)

December 5 - Wrap-up, practice exam, open study, pizza

View Event →
2019 Central Ohio ISSA Golf Outing
Sep
23
8:30 AM08:30

2019 Central Ohio ISSA Golf Outing

  • The Country Club Muirfield Village (map)
  • Google Calendar ICS

Description

Join us for our annual golf outing at the beautiful Country Club at Muirfield Village! All tickets include 18 holes, cart, 2 drink tickets, lunch at the turn, and reception following the tournament.

Check-In: 8:30am

Shotgun Start: 10:00am


** Reception will begin immediately after tournament **


Club Rentals: Golf clubs are available for rent at the country club. Please indicate during registration if you need to rent clubs, and we will put you in touch with the proper contact at the country club.

Registration: You may register as an individual or as part of a team, including the ability to create a team and invite others to your team (ISSA Member and Non-Member tickets only)! We will do our best to keep requested teams together.

Refund Policy: No refunds; however, you may transfer your ticket to another person.

 
View Event →

(ISC)² Central Ohio Chapter - Security MBA Meeting
Aug
5
5:30 PM17:30

(ISC)² Central Ohio Chapter - Security MBA Meeting

Security MBA  (Masters of Beer Appreciation) is a member driven, vendor neutral forum for Central Ohio Information Security Professionals. The Security MBA allows for Information Security Professionals to get together and discuss current information security related topics. Some of the benefits of attending the Security MBA:

  • Free Adult Beverage of Choice

  • 2 CPE/CEU for maintaining certification

  • Opportunity to network with peers

  • Learn about the latest trends impacting IT

  • Help others by giving back to the INFOSEC Community

The Security MBA meets the first Monday monthly in the Central Ohio area to share information of relevance to the Information Security and associated fields.

We discuss emergent threats over pints of good beer, and have been doing so since 2004. Even better, the beer is usually free, thanks to our corporate sponsors.

As the Information Security field is broad, so are the range of topics, which include network, host and application security, privacy, law, cryptography, copyrights & patents, physical security, fire suppression, DR/BCP, ethics, forensic, biometrics, identity management, firearms, project management, development, data integrity, records retention and storage, optics, chemistry, hacking, red teams, DHS, NSA, FBI, ATF, etc. And beer. We operate under the Chatham House rule.


View Event →
OWASP - Seminar: Administering Responsibly
Jul
25
11:30 AM11:30

OWASP - Seminar: Administering Responsibly

Details

11:30 - 11:45 Lunch and good of the order

11:45 - 12:00 OWASP News and notes

12:00 - 1:00 Featured presentation: Administering Responsibly with Dan Conrad

Managing elevated and shared access credentials is one of the biggest challenges facing complex heterogeneous organizations today. Administrators must be able to access the systems they manage with sufficient rights to do their jobs, but organizations must control that access to ensure security and regulatory compliance. The days of administrators sharing accounts and passwords and operating without auditing are gone (or they should be).

Large enterprises face unique challenges. They too must control the use of elevated privileges, but they need to find ways to enhance authentication for these accounts to meet mandates while still enabling administrators to administer. Even with multifactor authentication to “check out” a privileged account or session, we still need to take steps to mitigate potential account compromises--making sure the admin that authenticated today is still who they say they are. We’ve come to the point where we need to continuously analyze administration by watching normal behavior and comparing it to current behavior – with real-time in-line remediation to add a powerful layer of risk mitigation.

Join us for an interactive discussion regarding privilege elevation and discuss the technologies available to assist in mitigating vulnerabilities tied to privileged access.

View Event →
ISACA - THE CYBERSECURITY LEADERSHIP FORUM INFOSEC LUNCHEON
Jul
18
11:00 AM11:00

ISACA - THE CYBERSECURITY LEADERSHIP FORUM INFOSEC LUNCHEON

The keynote presentation features David Savino, Managing Partner and Vice President at Column Information Security. David oversees all Identity & Access Management consulting for the company in North America. As the principal Advisory Services consultant, David specializes in IAM best practices, organizational change, and the related tools, processes, and technologies. David will be delivering a talk titled “My Vows to Privilege Account Management – Maintaining Fidelity in an Age Where Everyone Shares Everything”. David’s talk mixes humor with facts about PAM as a process and an organizational discipline; he also tells a story about how we got here and how businesses are coping with account security in an age when data sharing has exponential growth.

Preceding the keynote will be a roundtable group discussion moderated by Jerod Brennen, Security Architect, Consultant, teacher, and Evangelist. Jerod has been fulfilling Information Security roles for over 20 years, including consulting, higher education, retail, and public utilities. Jerod shares what he’s learned over the years with local and regional information security organizations, as well as larger InfoSec conferences. Jerod’s roundtable will delve into controversial news items and current ideas in the area of Information Security and Privacy, as he facilitates, stimulates, and challenges our modern thinking about the digital lifestyle.

Seating is limited and registration is required. You’re welcomed to bring a colleague, or send delegates from your department, but each person who wishes to attend must register.


View Event →
Masterclass: Hacking and Securing Windows Infrastructure
May
21
to May 22

Masterclass: Hacking and Securing Windows Infrastructure

Description

Price:

Members: $250

Non-Members: $295

Ticket price includes breakfast, lunch, water/coffee/tea.

Dates/Times:

Tuesday, May 21

Time: 8-4pm

Wednesday, May 22

Time: 8-4pm

This 2 day course is just a great workshop that teaches how to implement securing technologies one at a time. The course covers all aspects of Windows infrastructure security that everybody talks about and during the course you will learn how to implement them! The goal is to teach you how to design and implement secure infrastructures based on the reasonable balance between security and comfort with great knowledge of attacker’s possibilities.


This is a deep dive course on infrastructure services security, a must-go for enterprise administrators, security officers and architects. It is delivered by one of the best people in the market in the security field – with practical knowledge from tons of successful projects, many years of real-world experience, great teaching skills and no mercy for misconfigurations or insecure solutions. In this workshop you will investigate the critical tasks for a high-quality penetration test. We will look at the most efficient ways to map a network and discover target systems and services. Once it has been done, we will search for vulnerabilities and reduce false positives with manual vulnerability verification. At the end we will look at exploitation techniques, including the use of authored and commercial tools. In the attack summary we will always go through the securing techniques.

Paula Januszkiewicz is a world-renowned Security Expert. Paula loves to perform Penetration Tests, IT Security Audits, and after all she says: ‘harden’em all’! Enterprise Security MVP and trainer (MCT) and Microsoft Security
Trusted Advisor. Top-speaker at world known conferences, including being No 1 speaker at Microsoft Ignite!

https://www.linkedin.com/in/paulajanuszkiewicz/

For any additional questions email service@centralohioissa.org.

View Event →
Spring CISSP Prep Class
Mar
18
to Jun 17

Spring CISSP Prep Class

  • The Ohio State University Airport (map)
  • Google Calendar ICS

Members $295
Non-Members $500

If you are interested in teaching a domain, please send your request to
education@centralohioissa.org.

Location

The Ohio State University Airport

KFC Room 235, Classroom 1 (West)

2160 West Case Road

Dublin, Ohio 43017

Description

Spring CISSP prep classes will be held on Monday evenings from 6 - 9 PM at The Ohio State University Airport event space.

March 18 - Kickoff

March 25 - Security and Risk Management - Part 1 (Security GRC)

April 1 - Security and Risk Management - Part 2 (Law & Ethics)

April 8 - Asset Security

April 15 - Security Engineering - Part 1 (Security Architecture)

April 22 - Communications & Network Security - Part 1

April 29 - Communications & Network Security - Part 2

May 6 - Security Engineering - Part 2 (Cryptography)

May 13 - Identity and Access Management (Access Control)

May 20 - Security Assessment and Testing & and Physical Security

May 27 - No class (Happy Memorial Day!)

June 3 - Security Operations (Operations Security & BCP/DRP)

June 10 - Software Development Security (Application Security)

June 17 - Wrap-up, practice exam, open study, pizza

View Event →
ISSA CISO Executive Forum
Mar
2
to Mar 3

ISSA CISO Executive Forum

  • Marines' Memorial Club and Hotel (map)
  • Google Calendar ICS

Earlier this year an assessment was requested and conducted on a company because they could not find a rogue device on their network. The assessment was halted and a meeting ensued between HR, Legal and the assessment team. It was suggested by the team that the organization update their BYOD policy. The rogue system was determined to be a sexual device on their network and they figured it would be riskier to pinpoint the device and user than the recommended solution. The business was surprised, stunned and thankful for the discretion.

In another instance, a CISO from a 43-billion-dollar health care provider responded to a serious incident involving two of their physicians. The doctors had purchased and integrated Google Glasses with a collaboration platform that extended their exam room environment with a medical academic institution in India. The doctors performed diagnosis and treatment on patients who had no knowledge of what the technology was being used for and had not provided consent for broadcasting their treatment with the students in India. The lawsuit is still pending…

Today, CIOs, CISOs and Compliance Officers are struggling to keep up with the risks that new and innovative technologies bring to the organization. With the onset of IoT and Artificial Intelligence (AI), organizations need to understand risk, lead and provide support for those that are charged with balancing the needs of the business with the conveniences that new technology brings.

This year we provide you an opportunity to “escape from RSAC & buzzword bingo” and invite you to the ISSA CISO Executive Forum! We will provide a haven away from the vendor noise and product churn to have real conversations and get beyond the latest tech lingo. 

This is a CISO and security practitioner-driven event focused on benefiting our CISO members and qualified guests. The ISSA CISO Executive Forum is your chance to escape from the blizzard of buzzwords to meet up with your cyber-security and risk management peers, industry experts, and a specially selected security vendors in a relaxed and confidential environment. We discuss real security programs, share real-world scenarios, and learn from each other.

We have brought back our very popular VC (Venture Capital) Panel session into this year’s event as well.

Finally, attendees at the March 2019 event will have a chance to help shape the content and format for future meetings of the ISSA CISO Executive Forum in 2019 and beyond! 

View Event →
ISSA Thought Leadership Series: Is Your Organization Ready for Automation?
Jan
9
1:00 PM13:00

ISSA Thought Leadership Series: Is Your Organization Ready for Automation?

Today’s security and IT teams are struggling to keep up. The digital landscape is constantly changing and between disparate, unintegrated systems and repetitive, manual processes, security teams are having a difficult time getting ahead. There are too many alerts, not enough time to investigate them all, and staff are on the verge of burnout.

Security orchestration and automation (SOAR) tools introduce ways for security teams to streamline and improve their everyday processes. But, is your organization ready for automation?

Join a panel of experts for an engaging discussion where you’ll learn:

Key considerations that should be in place before implementing automation
When is the right time to add automation (and when it isn’t)
Which common security tasks are ideal to automate
How to prepare your organization for SOAR

View Event →
ISSA Thought Leadership Series: 2018 User Risk Report
Dec
12
1:00 PM13:00

ISSA Thought Leadership Series: 2018 User Risk Report

We surveyed more than 6,000 working adults across the US, UK, France, Germany, Italy, and Australia —about cybersecurity topics and best practices that are fundamental to data and network security. What we found out about the personal habits of these individuals was sometimes heartening, occasionally perplexing, and frequently terrifying—but always enlightening.

We will discuss the 2018 User Risk Report to see how employees shaped up globally and regionally on cybersecurity awareness issues that are impacting organizations worldwide, including:

• Knowledge of phishing and ransomware

• Safe use of WiFi, location tracking, and social media

• Password habits (including password reuse)

• The types of personal activities (shopping online, playing games, streaming media, etc.) that your organization's devices are being used for by employees and their families and friends

View Event →
2018 Holiday Party - Hold the Date
Dec
6
5:30 PM17:30

2018 Holiday Party - Hold the Date

  • Country Club at Muirfield Village (map)
  • Google Calendar ICS

Join us for our annual holiday party on Thursday December 6, at the beautiful Country Club at Muirfield Village. It will be a fun, relaxing evening with great food, drink, and networking.  New this year, wear you "best" Holiday attire.  Best could be your ugly holiday sweater or outlandish holiday pants.  You get the idea.  There will be a few prizes for some of the "best".   

Cost
Free for ISSA and (ISC)2 Members  (Suggested donation of $10 per person at the door)
$25 donation for non-ISSA and non-(ISC)2 Members
$25 donation for guests

Charities 
Donations will go to the Mid-Ohio Food Bank and Pets for Vets Columbus. The Central Ohio ISSA will match up to $1,000 in donations to each charity.

NOTE: If you wish for your donation to be tax-deductible, you MUST pay via check and make the check out directly to the organization. You may simply register and choose the option to pay via check, then either mail the check to us (PO Box 71, Dublin, OH 43017) or write out the check during check-in.

05:30p – 06:00p – Registration

06:00p – 09:30p – Heavy Appetizers, drinks (2 per person included), and discussion

View Event →
January Monthly Chapter Meeting
Jan
17
9:00 AM09:00

January Monthly Chapter Meeting

When: Wednesday, January 17 at Expedient Upper Arlington / Tree of Life
Price: FREE for Members; $20 for Non-Members

08:30 – 09:00 – Registration with light breakfast

09:00 - 09:50 – Shawn Sines, Forsythe

Title: Cloud Application On Boarding Practices & Governance

10:00 – 10:50 – Jerod Brennen

Title: TBD

11:00 - 11:50 – Chris Ingram, Vorys

Title: GDPR - What You Need to Know

11:50 – 12:00 – Closing Comments

View Event →
January Tech Event - Incident Response 3.0
Jan
10
8:00 AM08:00

January Tech Event - Incident Response 3.0

Incident Response 3.0: Learning from Others’ Mistakes to Ensure an Efficient, Cohesive Response in the Era of a 72-Hour Window

When: Wednesday, January 10 from 8:00 AM - 12:00 Noon

Price: $20 includes breakfast, snack, and beverages throughout the morning

Target Audience: This sessions is targeted to CISOs, in-house legal partners, and risk and compliance partners (no outside counsel or outside consultants). The Central Ohio ISSA has the right to deny admission to this targeted, special session if the attendee's job role does not fit the above description.

Presenters: Heather Enlow-Novitsky and Chris Ingram, Vorys

View Event →
Holiday Party - December 7, 2017
Dec
7
5:30 PM17:30

Holiday Party - December 7, 2017

  • The Country Club at Muirfield Village (map)
  • Google Calendar ICS

Join us for our annual holiday party on Thursday December 7, at the beautiful Country Club at Muirfield Village. It will be a fun, relaxing evening with great food, drink, and networking.

Cost
Free for ISSA and (ISC)2 Members  (Suggested donation of $10 per person at the door)
$25 donation for non-ISSA and non-(ISC)2 Members
$25 donation for guests

Charities 
Donations will go to the Mid-Ohio Food Bank and Pets for Vets Columbus. The Central Ohio ISSA will match up to $1,000 in donations to each charity.

NOTE: If you wish for your donation to be tax-deductible, you MUST pay via check and make the check out directly to the organization. You may simply register and choose the option to pay via check, then either mail the check to us (PO Box 71, Dublin, OH 43017) or write out the check during check-in.

05:30p – 06:00p – Registration
06:00p – 09:30p – Dinner, drinks (2 per person included), and discussion

View Event →
Pen Testing with PowerShell
Aug
16
8:30 AM08:30

Pen Testing with PowerShell

Click Here to Register

Central Ohio ISSA is pleased to offer a full day tech session on Wednesday, August 16th, at Tree of Life, 5000 Arlington Center Boulevard, Upper Arlington, Ohio.  Attendees will be provided a lite breakfast, full lunch, and beverages throughout the day.

Pen Testing with PowerShell Agenda
Attendees of this class will learn how both pen testers and attackers can leverage PowerShell.  All phases of an attack lifecycle will be discussed. (recon, probing, exploitation, and post exploitation).  Topics will also include building attacks that are PowerShell version agnostic (allowing attacks on all versions of windows), attacking at enterprise scales (attack thousands of systems safely!), and bypassing all layers of defense including the latest restrictions found on Windows 10. 

We are pleased to welcome back a long time supporter of our chapter who has received very high ratings whether presenting at a chapter meeting, our InfoSec Summit, or in training classes.

Mick Douglas - Binary Defense
Even when his job title indicated otherwise, Mick Douglas has been doing information security work for over ten years. He received a bachelor's degree in Communications from the Ohio State University and holds the CISSP, GCIH, GPEN, GCUX, GWEB, and GSNA certifications. He currently works at Binary Defense Systems as the DFIR Practice Lead.He is always excited for the opportunity to share with others so they do not have to learn the hard way! Please join in; security professionals of all abilities will gain useful tools and skills that should make their jobs easier. When he's not 'geeking out' you'll likely find him indulging in one of his numerous hobbies; photography, scuba diving, or hanging around in the great outdoors.

Registration is currently open to ISSA Members only until Tuesday, July 25 at 10am. At that time, the remaining spots will be available for purchase by non-members. If you want to attend the tech session, sign up ASAP! Cost to members is just $20. You must bring a laptop to attend this course.

Click Here to Register

View Event →