Northeast Ohio Information Security Forum

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday March 15, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

The Concept of Technological, Compliance and Security Debt
by: David Sopata

Finding it hard to explain to non-technical people the value of continually upgrading technology, processes, and/or systems? Tired of management telling you “If it ain’t broke don’t fix it”? Feeling the burn of buying parts on eBay for a system that should have been replaced 10 years ago? Are you having trouble finding COBOL developers? Welcome to the concept of Technical Debt. The concept has been around however, it has not necessarily been applied well or communicated effectively to others outside the INFOSEC world. David Sopata who is an Information Security Professional who specializes in Compliance, Continuous Improvement, Risk, and Auditing will provide a recap of what Technical Debt is, how it could be applied within your environment, and how it can apply not only to Technology, but Security, Compliance, and Business Processes.

Standing Out in the crowd, the right way
By: Sheena Fain

Ever find yourself at a job fair, or submitting your resume to all those closely guarded infosec positions? Do you wonder if you are lost in the endless see of paper that get shoved into a HR or Recruiter’s hands? How do you make yourself stand out amongst the crowd. Welcome to Standing out in the crowd, the right way. We will be discussing tips and tricks on how to get your resume, profile, or name into the ear of the right people and once you’ve landed that coveted interview, tricks to creating a lasting image of who you are. Why be just another Joe or Jane when you can be Joe with that awesome profile page that had all that potential and career planning and goals?

• Sheena is a HR Manager with SecureState
• Sheena has several years experience in HR including both public and private sectors
• She has a MBA through University of Phoenix
• Currently she is pursuing her SPHR certification
• She is passionate about helping candidates understand what hiring managers are looking for

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday February 15, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Open Mic & Social

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday January 18, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

What to Expect When Your Applications Are Being Pentested
by: Mike Woolard

This will be an open discussion on the top steps to prepare your organization for a third-party pentest of your applications. What are some of the pitfalls companies fall into when scoping the engagement, what to do while the test is going on, and preparing your company to respond to the results in a timely manner.

• Mike is a security analyst who has worked in the IT field for 16+ years.  14 of those years were spent in various IT roles including SysAdmin, SysEngineer, DBA, and NetEngineer.  That experience has helped him in his current role, where Michael plays an integral part in all areas of the organization to help secure the processes and procedures.  Michael manages risk assessments and pentests of the various web applications OEC builds, and leads the security awareness & education program where he designed many workshops and puts on many events.  Mike has worked towards various certifications including the CISSP and CEH and is a contributing member of many local security organizations including Infragard, NEOISF, Clevesec and the Information Security Summit.

How to Win at Compliance, and Influence Auditors
by: Tom Kopchak

If you’re here, your organization inevitably is responsible for managing and conforming to numerous regulatory and compliance requirements.  All too often, you will find yourself at the mercy of an individual auditor’s interpretation of these compliance requirements. As security professionals, helping our customers meet compliance requirements through the use of security reporting tools, we can definitely relate to this scenario.

This presentation will focus on various interpretations of compliance requirements that we have seen from different customers working with different auditors across a wide range of industries.  Our intent will be to draw attention to these differences, and seek to ultimately encourage compliance efforts to be less subjectively and more objectively focused.

• Tom Kopchak is the Director of Technical Operations at Hurricane Labs, where he pretends to manage a team of network and system engineers, but is still an engineer and technology geek at heart. He holds a Master’s degree in Computing Security from the Rochester Institute of Technology, and has spoken at numerous infosec conferences around the country. When he is not working with computers, Tom enjoys composing, music improvisation (Acts of Music), and playing both the piano and organ.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday November 16, 2016
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

RottenPotato: A Quick Review
by: Chris Mallz

Chris will be discussing a technique based on the Potato exploit that allows for elevation from many Windows service accounts (such as those used by IIS and SQL Server) to SYSTEM in default configurations on all Windows versions.

• Chris really doesn’t want to write a bio he prefers researching, writing code, and popping boxes.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –