Masterclass: Hacking and Securing Windows Infrastructure
May
21
to May 22

Masterclass: Hacking and Securing Windows Infrastructure

Description

Price:

Members: $250

Non-Members: $295

Ticket price includes breakfast, lunch, water/coffee/tea.

Dates/Times:

Tuesday, May 21

Time: 8-4pm

Wednesday, May 22

Time: 8-4pm

This 2 day course is just a great workshop that teaches how to implement securing technologies one at a time. The course covers all aspects of Windows infrastructure security that everybody talks about and during the course you will learn how to implement them! The goal is to teach you how to design and implement secure infrastructures based on the reasonable balance between security and comfort with great knowledge of attacker’s possibilities.


This is a deep dive course on infrastructure services security, a must-go for enterprise administrators, security officers and architects. It is delivered by one of the best people in the market in the security field – with practical knowledge from tons of successful projects, many years of real-world experience, great teaching skills and no mercy for misconfigurations or insecure solutions. In this workshop you will investigate the critical tasks for a high-quality penetration test. We will look at the most efficient ways to map a network and discover target systems and services. Once it has been done, we will search for vulnerabilities and reduce false positives with manual vulnerability verification. At the end we will look at exploitation techniques, including the use of authored and commercial tools. In the attack summary we will always go through the securing techniques.

Paula Januszkiewicz is a world-renowned Security Expert. Paula loves to perform Penetration Tests, IT Security Audits, and after all she says: ‘harden’em all’! Enterprise Security MVP and trainer (MCT) and Microsoft Security
Trusted Advisor. Top-speaker at world known conferences, including being No 1 speaker at Microsoft Ignite!

https://www.linkedin.com/in/paulajanuszkiewicz/

For any additional questions email service@centralohioissa.org.

View Event →
Spring CISSP Prep Class
Mar
18
to Jun 17

Spring CISSP Prep Class

  • The Ohio State University Airport (map)
  • Google Calendar ICS

Members $295
Non-Members $500

If you are interested in teaching a domain, please send your request to
education@centralohioissa.org.

Location

The Ohio State University Airport

KFC Room 235, Classroom 1 (West)

2160 West Case Road

Dublin, Ohio 43017

Description

Spring CISSP prep classes will be held on Monday evenings from 6 - 9 PM at The Ohio State University Airport event space.

March 18 - Kickoff

March 25 - Security and Risk Management - Part 1 (Security GRC)

April 1 - Security and Risk Management - Part 2 (Law & Ethics)

April 8 - Asset Security

April 15 - Security Engineering - Part 1 (Security Architecture)

April 22 - Communications & Network Security - Part 1

April 29 - Communications & Network Security - Part 2

May 6 - Security Engineering - Part 2 (Cryptography)

May 13 - Identity and Access Management (Access Control)

May 20 - Security Assessment and Testing & and Physical Security

May 27 - No class (Happy Memorial Day!)

June 3 - Security Operations (Operations Security & BCP/DRP)

June 10 - Software Development Security (Application Security)

June 17 - Wrap-up, practice exam, open study, pizza

View Event →
ISSA CISO Executive Forum
Mar
2
to Mar 3

ISSA CISO Executive Forum

  • Marines' Memorial Club and Hotel (map)
  • Google Calendar ICS

Earlier this year an assessment was requested and conducted on a company because they could not find a rogue device on their network. The assessment was halted and a meeting ensued between HR, Legal and the assessment team. It was suggested by the team that the organization update their BYOD policy. The rogue system was determined to be a sexual device on their network and they figured it would be riskier to pinpoint the device and user than the recommended solution. The business was surprised, stunned and thankful for the discretion.

In another instance, a CISO from a 43-billion-dollar health care provider responded to a serious incident involving two of their physicians. The doctors had purchased and integrated Google Glasses with a collaboration platform that extended their exam room environment with a medical academic institution in India. The doctors performed diagnosis and treatment on patients who had no knowledge of what the technology was being used for and had not provided consent for broadcasting their treatment with the students in India. The lawsuit is still pending…

Today, CIOs, CISOs and Compliance Officers are struggling to keep up with the risks that new and innovative technologies bring to the organization. With the onset of IoT and Artificial Intelligence (AI), organizations need to understand risk, lead and provide support for those that are charged with balancing the needs of the business with the conveniences that new technology brings.

This year we provide you an opportunity to “escape from RSAC & buzzword bingo” and invite you to the ISSA CISO Executive Forum! We will provide a haven away from the vendor noise and product churn to have real conversations and get beyond the latest tech lingo. 

This is a CISO and security practitioner-driven event focused on benefiting our CISO members and qualified guests. The ISSA CISO Executive Forum is your chance to escape from the blizzard of buzzwords to meet up with your cyber-security and risk management peers, industry experts, and a specially selected security vendors in a relaxed and confidential environment. We discuss real security programs, share real-world scenarios, and learn from each other.

We have brought back our very popular VC (Venture Capital) Panel session into this year’s event as well.

Finally, attendees at the March 2019 event will have a chance to help shape the content and format for future meetings of the ISSA CISO Executive Forum in 2019 and beyond! 

View Event →
ISSA Thought Leadership Series: Is Your Organization Ready for Automation?
Jan
9
1:00 PM13:00

ISSA Thought Leadership Series: Is Your Organization Ready for Automation?

Today’s security and IT teams are struggling to keep up. The digital landscape is constantly changing and between disparate, unintegrated systems and repetitive, manual processes, security teams are having a difficult time getting ahead. There are too many alerts, not enough time to investigate them all, and staff are on the verge of burnout.

Security orchestration and automation (SOAR) tools introduce ways for security teams to streamline and improve their everyday processes. But, is your organization ready for automation?

Join a panel of experts for an engaging discussion where you’ll learn:

Key considerations that should be in place before implementing automation
When is the right time to add automation (and when it isn’t)
Which common security tasks are ideal to automate
How to prepare your organization for SOAR

View Event →
ISSA Thought Leadership Series: 2018 User Risk Report
Dec
12
1:00 PM13:00

ISSA Thought Leadership Series: 2018 User Risk Report

We surveyed more than 6,000 working adults across the US, UK, France, Germany, Italy, and Australia —about cybersecurity topics and best practices that are fundamental to data and network security. What we found out about the personal habits of these individuals was sometimes heartening, occasionally perplexing, and frequently terrifying—but always enlightening.

We will discuss the 2018 User Risk Report to see how employees shaped up globally and regionally on cybersecurity awareness issues that are impacting organizations worldwide, including:

• Knowledge of phishing and ransomware

• Safe use of WiFi, location tracking, and social media

• Password habits (including password reuse)

• The types of personal activities (shopping online, playing games, streaming media, etc.) that your organization's devices are being used for by employees and their families and friends

View Event →
2018 Holiday Party - Hold the Date
Dec
6
5:30 PM17:30

2018 Holiday Party - Hold the Date

  • Country Club at Muirfield Village (map)
  • Google Calendar ICS

Join us for our annual holiday party on Thursday December 6, at the beautiful Country Club at Muirfield Village. It will be a fun, relaxing evening with great food, drink, and networking.  New this year, wear you "best" Holiday attire.  Best could be your ugly holiday sweater or outlandish holiday pants.  You get the idea.  There will be a few prizes for some of the "best".   

Cost
Free for ISSA and (ISC)2 Members  (Suggested donation of $10 per person at the door)
$25 donation for non-ISSA and non-(ISC)2 Members
$25 donation for guests

Charities 
Donations will go to the Mid-Ohio Food Bank and Pets for Vets Columbus. The Central Ohio ISSA will match up to $1,000 in donations to each charity.

NOTE: If you wish for your donation to be tax-deductible, you MUST pay via check and make the check out directly to the organization. You may simply register and choose the option to pay via check, then either mail the check to us (PO Box 71, Dublin, OH 43017) or write out the check during check-in.

05:30p – 06:00p – Registration

06:00p – 09:30p – Heavy Appetizers, drinks (2 per person included), and discussion

View Event →
January Monthly Chapter Meeting
Jan
17
9:00 AM09:00

January Monthly Chapter Meeting

When: Wednesday, January 17 at Expedient Upper Arlington / Tree of Life
Price: FREE for Members; $20 for Non-Members

08:30 – 09:00 – Registration with light breakfast

09:00 - 09:50 – Shawn Sines, Forsythe

Title: Cloud Application On Boarding Practices & Governance

10:00 – 10:50 – Jerod Brennen

Title: TBD

11:00 - 11:50 – Chris Ingram, Vorys

Title: GDPR - What You Need to Know

11:50 – 12:00 – Closing Comments

View Event →
January Tech Event - Incident Response 3.0
Jan
10
8:00 AM08:00

January Tech Event - Incident Response 3.0

Incident Response 3.0: Learning from Others’ Mistakes to Ensure an Efficient, Cohesive Response in the Era of a 72-Hour Window

When: Wednesday, January 10 from 8:00 AM - 12:00 Noon

Price: $20 includes breakfast, snack, and beverages throughout the morning

Target Audience: This sessions is targeted to CISOs, in-house legal partners, and risk and compliance partners (no outside counsel or outside consultants). The Central Ohio ISSA has the right to deny admission to this targeted, special session if the attendee's job role does not fit the above description.

Presenters: Heather Enlow-Novitsky and Chris Ingram, Vorys

View Event →
Holiday Party - December 7, 2017
Dec
7
5:30 PM17:30

Holiday Party - December 7, 2017

  • The Country Club at Muirfield Village (map)
  • Google Calendar ICS

Join us for our annual holiday party on Thursday December 7, at the beautiful Country Club at Muirfield Village. It will be a fun, relaxing evening with great food, drink, and networking.

Cost
Free for ISSA and (ISC)2 Members  (Suggested donation of $10 per person at the door)
$25 donation for non-ISSA and non-(ISC)2 Members
$25 donation for guests

Charities 
Donations will go to the Mid-Ohio Food Bank and Pets for Vets Columbus. The Central Ohio ISSA will match up to $1,000 in donations to each charity.

NOTE: If you wish for your donation to be tax-deductible, you MUST pay via check and make the check out directly to the organization. You may simply register and choose the option to pay via check, then either mail the check to us (PO Box 71, Dublin, OH 43017) or write out the check during check-in.

05:30p – 06:00p – Registration
06:00p – 09:30p – Dinner, drinks (2 per person included), and discussion

View Event →
Pen Testing with PowerShell
Aug
16
8:30 AM08:30

Pen Testing with PowerShell

Click Here to Register

Central Ohio ISSA is pleased to offer a full day tech session on Wednesday, August 16th, at Tree of Life, 5000 Arlington Center Boulevard, Upper Arlington, Ohio.  Attendees will be provided a lite breakfast, full lunch, and beverages throughout the day.

Pen Testing with PowerShell Agenda
Attendees of this class will learn how both pen testers and attackers can leverage PowerShell.  All phases of an attack lifecycle will be discussed. (recon, probing, exploitation, and post exploitation).  Topics will also include building attacks that are PowerShell version agnostic (allowing attacks on all versions of windows), attacking at enterprise scales (attack thousands of systems safely!), and bypassing all layers of defense including the latest restrictions found on Windows 10. 

We are pleased to welcome back a long time supporter of our chapter who has received very high ratings whether presenting at a chapter meeting, our InfoSec Summit, or in training classes.

Mick Douglas - Binary Defense
Even when his job title indicated otherwise, Mick Douglas has been doing information security work for over ten years. He received a bachelor's degree in Communications from the Ohio State University and holds the CISSP, GCIH, GPEN, GCUX, GWEB, and GSNA certifications. He currently works at Binary Defense Systems as the DFIR Practice Lead.He is always excited for the opportunity to share with others so they do not have to learn the hard way! Please join in; security professionals of all abilities will gain useful tools and skills that should make their jobs easier. When he's not 'geeking out' you'll likely find him indulging in one of his numerous hobbies; photography, scuba diving, or hanging around in the great outdoors.

Registration is currently open to ISSA Members only until Tuesday, July 25 at 10am. At that time, the remaining spots will be available for purchase by non-members. If you want to attend the tech session, sign up ASAP! Cost to members is just $20. You must bring a laptop to attend this course.

Click Here to Register

View Event →