Northeast Ohio Information Security Forum

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday July 19, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Security Data Analysis for the Masses
by: Jon Zeolla

Jon Zeolla will be presenting on his recent work doing security data analysis at scale, in the frame of a recently scrapped SIEM project. We’ll be discussing some newer tools and techniques that lay the foundation for security-focused data analysis, and that you could start playing around with for free. SIEMs are expensive and don’t solve all of your problems, the single pane of glass is still a unicorn, and machine learning is really cool (but also a buzzword).

• Jon Zeolla is co-founder and Chief Technology Officer at Seiso, LLC where he leads all technical engagements and is responsible for research and development. Additionally, he works at the Carnegie Mellon University Information Security Office, where he architects, designs, and implements services which protect the university from malicious or harmful activity. Finally, Jon runs an IT Security user group called “Steel City InfoSec,” helps to coordinate the yearly security conference “BSides Pittsburgh,” and is a committer on the Apache Metron (incubating) project.

I’m the one who signs your CISSP
by: Alex Hammerstone & Wim Remes

PechaKucha Lighting Round! (20 slides, 20 seconds each)

• Amanda Berlin
• Charles Yost
• Mike Woolard
• Jimmy Lion
• Damian Huising

If you are interested in speaking send an email to board@neoisf.org and we can help you write your talk.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

There will be no meeting for NEOISF on June 21st due to BSidesCleveland being the following weekend. We will return to our regularly scheduled meetings in July for a meeting on July 19th. An announcement for the July meeting will happen closer to the scheduled meeting date.

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday May 17, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Wikis for simple & effective documentation
by: Christopher Ursich

The reason people hate “doing documentation” is that their understanding of it is all wrong.  It’s not all their fault; documentation systems are usually terrible, and the author gets no value out of what he writes.  Done properly, wikis cut down these inhibitors at very little cost, and can significantly add to the efficacy of your team.

• Chris Ursich has worked in infrastructure security for 15 years, in the higher-ed, manufacturing, SaaS, and insurance industries.  His favorite standards are ISO 8601 and ISO 216.

Hey I Got the Interview! Now what?!
by: Kenyon Mau

In this day and age, a lot of time and effort goes into hiring employees, especially in the security space.  Putting your  best foot forward when interviewing as well as interviewing for yourself is key to ensuring you are not moving into a difficult or toxic environment.  Additionally, with it being a small community, you want to always leave your options intact for future opportunities.

In this presentation, we will look at how to present yourself well in most interview situations ranging from phone interviews, to one-on-one interviews, to panel interviews.

• • Kenyon Mau is a successful human resources expert with over twenty years of experience as well as a passion for positively influencing an organization’s bottom line through the recruitment, retention, and development of talent.  He possesses a zest for innovation and creativity and has demonstrated these attributes in a variety of organizations of varying sizes, cultures, and needs.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday April 19, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Mental Health in Infosec – Hackers, hugs, and drugs
by: Amanda Berlin

• Amanda Berlin is currently a Network Security Engineer at Hurricane Labs. She has been working in the IT industry for around 10 years and has worked in both public and private sector as well as spending a decent time in healthcare. She managed the internal phishing campaign at a medium size healthcare facility to promote user education about phishing and hacking through an awards based reporting program. Known as ‘The InfoSystir” she is also the author of the new book, Defensive Security Handbook. She volunteers at many other conferences, and enjoys teaching others. Amanda lives at home with her three boys and “Rabbit” the cat.

Operating System Security Beyond the Fortress Mentality: A Review of Innovations in Secure Linux Operating Systems
by: Thomas Pieragastini

In the past the concept of operating system security has revolved either around the concept of building the endpoint as a fortress, with locked down permissions and strong anti-virus protections, or encasing the endpoint in network layer protections based on indicator based blocking and heuristic detection mechanisms.  These methods have been bypassed, and are being circumvented with increasing frequency.  As the discussion shifts away from the endpoint as fortress, and into other possible approaches, the question tends to center around which operating system is the “most secure”, a question that ignores differences in threat model and security objective.  Recently operating systems, within the Linux world, have emerged that eschew this approach in favor of more specified approaches to security; amnesiac operating systems, advanced application level and process sandboxing, absolutely minimal attack surface and application level virtualization.  This presentation will discuss some of the innovations in the world of secure operating systems, the threat models that they respond to and the architectural steps taken in order to achieve their intended security objectives.

• Thomas Pieragastini came to the world of information security via the circuitous route of academia, through threat intelligence and into pentesting.  He is passionate about securing data, hacking things, digital rights and privacy.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –