Meetings

Upcoming

General meeting sign-in form – Click Here to Sign In

Doug Cavit - Thursday, June 6, 2024

CISO of Snohomish County

Doug Cavit

Time: 6 pm meet and greet, 6:30 start

Location: Zoom and Mercer Island (register for location)

Eventbrite tickets for in-person attendance only

Summary:

What is a “Service SBOM” in a virtualized world and why should I care?

There is a new concept gaining traction with industry and government called a “Service SBOM”, or service bill of materials. This talk will focus on what it is, how it can help you, and why you should care. We live in a world with an increasingly deep and diverse supply chain that we can only ignore at our peril. Recent events show that not only financially motivated bad actors but also nation-state entities are working to weaken the supply chain and create entry points in it. The rise of ever-increasing levels of virtualization through cloud services and containerization compounds this issue. The talk will offer some practical advice on what to look for and how to get value from this new concept, with a focus on practical solutions.

Bio:

Doug Cavit was part of the CISA working group that recently published guidance on Shared Service SBOMs in cooperation with all the major cloud service providers. He has been involved in IT security for over 20 years, as CIO of McAfee and Chief Security Strategist at Microsoft, and is currently CISO for Snohomish County. He has been involved in setting security standards for the financial services and utility industries, as well as in the ISO process for secure software development. Mr. Cavit has advised the Global Fortune 1000 and governments around the world on security.

Ronald "Ron" Dean Watters Jr - Thursday, May 2, 2024

Cybersecurity and Infrastructure Security Agency

Ronald Watters

Ron Watters, MCSE, CNA, GSLC

Time: 6 pm meet and greet, 6:30 start

Location: Zoom and Mercer Island (register for location)

Eventbrite tickets for in-person attendance only

Summary:

Cybersecurity Advisor, Private Sector Western Washington
Cybersecurity and Infrastructure Security Agency

Bio:

Ron serves as the Region 10 Private Sector Cybersecurity Advisor for the Cybersecurity and Infrastructure Security Agency. Based in Seattle, WA, he supports the Department of Homeland Security (DHS) mission of strengthening the security and resilience of the nation’s critical infrastructure.

His program coordinates cyber preparedness, risk mitigation and incident response, and provides cyber security resources, including assessments, to the nation’s sixteen critical infrastructure sectors and state, local, tribal, and territorial government entities.

Prior to joining DHS, Ron served 27 years with the U.S. Navy and Naval Reserve as a Submarine Sonar Technician and Diver. Finding not much use for a Submarine Sonar Technician in the surface reserve, Ron applied his talents as an Intelligence Analyst and was utilized accordingly. Ron retired from the US Navy in 2007. During his active duty Ron completed his Bachelor’s degree in Public Administration with a Criminal Justice emphasis (Cum Laude). Ron completed two Master’s Degrees in Education (School Administration and Secondary Education) at Loyola Marymount University. He continued his education and achieved certification as a Microsoft Certified Systems Engineer and Microsoft Certified Trainer, and was hired as the Computer Science Department Chairman at Chaminade College Preparatory High School in West Hills, CA, where he served until he was recalled to active duty following 9/11. Upon his demobilization he was offered a position as the Deputy Information Systems Management Officer with the 4th Marine Corps Recruiting District in New Cumberland, PA. He rose to the position of S-6 before leaving in 2009 to take a position as the Chief, Information Assurance Division, Network Enterprise Center, Fort Irwin, CA. Ron remained in that position until he left to become the Branch Manager of the Cybersecurity Branch of the Puget Sound Naval Shipyard in March of 2016. Ron interviewed and was hired as the Region X Cybersecurity Advisor in June of 2017 and has held that position since.

Ron’s computer certifications are numerous and include Microsoft Certified Systems Engineer (MCSE), Certified Novell Administrator (CNA), GIAC Security Leadership Certification (GSLC), CompTIA Security+ CE, and Microsoft Certified Trainer (MCT). In addition to his professional certifications, Ron has been awarded numerous Commander’s Coins for excellence and received two Commander’s Awards for his work at Fort Irwin.

Frank Simorjay - Thursday, April 4, 2024

Choose Your Cyber Adventure!

Frank Simorjay

Frank Simorjay, CISSP

Time: 6 pm meet and greet, 6:30 start

Location: Zoom and Mercer Island (register for location)

Eventbrite tickets for in-person attendance only

Summary:

Welcome, cybernauts, to an adventure where your choices forge the path of knowledge. Before you lies a digital realm riddled with challenges and opportunities. Will you delve into the abyss of Security Reviews, navigate the treacherous waters of Software Bill of Materials, or decode the enigmas of Microsoft Security – Inside and Out?

Cast your vote during the meeting, shape the quest, and let the journey to cybersecurity knowledge begin!

Bio:

Frank Simorjay is a Principal Program Manager for the Industry Cloud Solutions team at Microsoft. He is a cloud security architect and content developer with an extensive library of security content for Microsoft. He is passionate about promoting secure computing, smart cloud adoption, and Internet of Things (IoT) security. He also enjoys working with LLMs. He is a CISSP and has been recognized as a Distinguished Fellow by ISSA. He is also the founder of the ISC2 Seattle chapter and ISSA Puget Sound.

Janet Lawless - Thursday, March 7, 2024

Unmasking the Shadows: Demystifying Clever Adversary Strategies and Tactics

Janet Lawless

Time: 6 pm meet and greet, 6:30 start

Location: Zoom and Mercer Island (register for location)

Eventbrite tickets for in-person attendance only

Summary:

Your organization understands its strengths, weaknesses, critical assets and gaps in its defenses. The problem is, so do your adversaries.

Adversaries are sophisticated, clever, motivated and highly focused. Attacks are well planned and coordinated, and use a variety of tactics combining cyber, physical, human and technical means to accomplish their goals. Learn more about adversarial focus, strategies and tactics, and how an effective, holistic threat intelligence program can proactively mitigate attacks and get you ahead of the game. No matter how big or small your organization is, they are out to get you! Knowing your adversaries and having threat intelligence throughout your organization gives you a strategic advantage in protecting it.

Bio:

Janet is CEO and Founder of the Center for Threat Intelligence. Janet established a team of intelligence experts to build a cutting-edge threat intelligence consulting, training and certification program for Certified Threat Intelligence Specialists (CTIS). The Center for Threat Intelligence is an approved provider for the Department of Homeland Security’s (DHS) National Initiative for Cybersecurity Careers and Studies (NICCS), part of the National Initiative for Cybersecurity Education (NICE).

In former leadership roles at Microsoft and Cisco, she created and managed global programs focused on risk management, compliance and security. In addition, she was the VP of Sales and Channel Sales at Critical Insight, a cybersecurity start-up.

Janet is a member of InfraGard, the United States Secret Service Cyber Fraud Task Force and the Washington State Fusion Center. She has served as Board Chair for ASIS International Puget Sound Chapter and the Pacific Coast Analyst Roundtable. She is an Emeritus Board Member for the American Red Cross. Janet also founded “PCs 2 Vets” and has provided over 1,000 laptops to veterans in need.

Brian Shea - Thursday, February 1, 2024

How Security Teams can Understand LLMs and Generative AI

Brian Shea

Time: 6 pm meet and greet, 6:30 start

Location: Zoom and Mercer Island (register for location)

Eventbrite tickets for in-person attendance only

Summary:

In this discussion we will talk about AI, specifically LLMs and Generative AI, and how security teams can understand these technologies and work to embrace them while managing the risk they pose. What are good frameworks to use in assessing these risks, and what challenges do we still face?

Bio:

Brian is an IT Executive with 29 years of experience spanning Security Operations and Support, Compliance, Risk Management, Technology Innovation, and IT Operations and Support. Currently Brian is a Business Information Security Officer (BISO) supporting multiple business units at Salesforce, delivering security and compliance across people, process, technology, and data. In addition, he has worked in Security and GRC at Starbucks, Microsoft, and Bank of America, served as a Cybersecurity Advisor for CREATE.ORG, sat on the Board of Technical Advisors for NODUS technologies, served as an alternate to the PCI-DSS Customer Advisory Council, held CISSP and CISM certifications, and has published two books and three industry papers on security.

Jake Bernstein - Thursday, January 4, 2024

Proliferation of Privacy Laws: Annual Update

Jake Bernstein

Time: 6 pm meet and greet, 6:30 start

Location: Zoom and Mercer Island (register for location)

Eventbrite tickets for in-person attendance only

Summary:

The world of privacy and cybersecurity regulation has continued to expand at a blistering pace. The number of states with comprehensive privacy laws went from five in December 2022 to twelve as of December 2023. Numerous federal agencies have promulgated and begun enforcing new privacy and cybersecurity rules, most notably the Securities and Exchange Commission. This meeting will provide you with all the updates on this important topic from Jake Bernstein, ISC2 Chapter Secretary, partner at K&L Gates LLP, and Adjunct Professor at Seattle University School of Law.

Bio:

Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted both as a regulator, as an Assistant Attorney General with the Washington State Attorney General’s Office, and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

Archive

  • January | Bryan Hurd
    • Presented by a “seasoned cyber smoke jumper” who has handled thousands of breach events and espionage investigations and is also a cyber insurance expert. This session is designed for Risk Officers, CEOs, COOs, General Counsels and CISOs in relation to cyber security. The presentation will cover technical threats including ransomware attacks, intrusions, email compromises, invoice scams, and other major incidents that can create significant financial losses and sometimes even mean the extinction of organizations. It will furnish insights from the insurance industry, discuss pertinent areas in the underwriting process that can help companies stay ahead of the threat, and provide proactive measures that executives can take today to mitigate risk. The session will also cover what it’s really like to be in the boardroom during a cyber event. The session will include an interactive Q&A.
    • Archived Video
  • February | Board Panel
    • Advice from the (ISC)2 Seattle Chapter and featured guests about entering the cybersecurity field.
    • Archived Video
  • April | Tony Moor
    • Tony Moor will dive into the world of silicon hacking and hardware reverse engineering, tracing the changes in hackers’ techniques and tools as security has improved and semiconductor devices have continued to shrink (Moore’s Law). From a basic setup costing thousands of pounds in the 90s, a potential attacker may now need significant financial backing, certainly in the range of hundreds of thousands of pounds, along with the need to learn complex scientific techniques such as SEM (Scanning Electron Microscopy) and FIB (Focused Ion Beam) in order to be successful. Tony will take us along the journey of this exciting evolution.
    • Archived Video
  • May | Aaron Sheridan
    • In this presentation, Aaron Sheridan will present recent advanced infiltration techniques, along with a working demo of a recently used AiTM (adversary-in-the-middle) attack method that includes credential harvesting.
    • Archived Video
  • June | Alan Luk
    • How do you assess your org’s security posture? Do you use a risk or controls-based framework? How often are you gathering signals to perform the assessment? In this session, we will talk about the benefits of having automated metrics to enhance your risk management process, achieve a higher level of security assurance, and streamline audits.
    • Archived Video
  • July | No Meeting
  • August | Aaron Weller
    • HP’s Privacy Engineering Center of Excellence: providing technical leadership and data engineering solutions designed to be leveraged across HP’s global operations.
    • Archived Video
  • September | Tim Rains
    • Select Insights from Cybersecurity Threats, Malware Trends, and Strategies, 2nd Edition. Tim Rains will present Cybersecurity Threats, Malware Trends, and Strategies, which covers the statistical aspects and potential approaches that help decision makers be informed when creating or updating their company’s cybersecurity strategy.
    • Archived Video
  • October | Bugra Karabey
    • Strategic Partner Cybersecurity at Datacenters.
  • November | No Meeting (the chapter will be at SecureWorld)
    • Connecting, informing, and developing leaders in cybersecurity.
  • December | Steve Louden
    • Join us for a fireside chat with Steve Louden to discuss how Cyber Risk Management and IT Controls influence financial forecasts and their impact on companies’ bottom lines. During the discussion Steve will share the importance of IT controls through the lens of a CFO and how cyber risk management has changed how companies plan and respond to cyber risk. Learn what is important to Audit Committees in the context of cyber risk management and how to convey cyber priorities using business language.
  • December | Jake Bernstein, CISSP, CIPP/US
    • The past three years were saturated with change and upheaval. From state-level battles concerning private rights of action to the adoption of privacy laws across the globe, the data protection and security industry refuses to stand still. This presentation looks forward to 2023 by chronicling years past. Forthcoming legislation and regulations tackling data protection respond to pitfalls and triumphs under existing structures.
    • Archived Video
  • October | Paul Brunson, VP of Engineering
    • Developing a practical cybersecurity strategy can be a daunting task. Where do you start? What issues should I address? How do I know what to protect? While each company’s strategy will be unique to them, the basic ideas and concepts of an actionable cybersecurity strategy are the same whether you’re the CISO of a Fortune 500 company, or the Director of IT (who also happens to own Security!) at a mid-market manufacturer. Understanding your business, aligning with corporate strategy, and defining the scope and the risks are just a few of the steps that ALL companies must take in order to develop a successful cybersecurity strategy.
    • Archived Video
  • September | Erez Benari
    • As one might expect of a company the size of Microsoft, the company operates a significant infrastructure for issuing and managing certificates using a custom system known as “SSLAdmin”. Built over decades, with multiple redundancies and controls, as well as an external auditing process, this system powers a massive number of websites, from Microsoft.com itself to hundreds of Azure services, some of which require thousands of certificates issued daily. This 45-minute presentation will explore the technology concepts behind this system and what makes it unique, in addition to some fascinating stories from the trenches and lessons learnt from battle scars.
    • No Video
  • June | Javier Salido
    • The evolution of privacy and the ethical use of machine learning in the tech industry.
    • Archived Video
  • May | David Hobbs
  • April | Michael LeSueur
    • The same technology that makes the cloud dynamic can have the opposite effect on an organization’s ability to implement detection and response in cloud environments. This includes adding a layer of preventative controls beyond MFA, which is increasingly being bypassed, in O365 for example. Michael LeSueur, Security Engineer at Vectra, will help us navigate through uncharted security territory by analyzing the attack lifecycle in the cloud, reviewing the top cloud security threats, and dissecting a real-world cloud attack. Additionally, he’ll provide key takeaways for managing access, detection and response, and security operations.
    • Archived Video
  • March | Trey Blalock
    • Deepfakes, Voice Cloning, Synthetic Identities, and the Future of Fraud.
      This talk is a fast-paced overview of some interesting tools and techniques used by threat actors and a discussion of the implications for the future of fraud. Trey will also be discussing some of the long-term issues that defenders need to be aware of, some mistakes businesses need to avoid, and how to protect your organizations from these types of attacks.
    • Archived Video
  • February | Jon Espenschied
    • Unified GRC approaches, or “how not to bury people in policies they won’t follow.”
    • Archived Video
  • January | Tim Rains
    • Tim Rains is the author of Cybersecurity Threats, Malware Trends, and Strategies, which covers vulnerability disclosure trends, malware trends, web-based threats, and an in-depth examination of cybersecurity strategies that the industry has used to try to mitigate them. Tim wrote this book after working as the most senior cybersecurity advisor at both Microsoft and Amazon Web Services.
    • Archived Video
  • November | Lori Murray, CISSP
    • The Risk Management Framework (RMF) is a process that integrates cybersecurity, privacy, and supply chain mitigations into the system development life cycle. Controls are selected and tailored to the needs of each instantiation, allowing a holistic approach to defining security architectures in order to minimize security risk. During this session we explore the basics of the Risk Management Framework as called out in NIST SP 800-37, NIST SP 800-53 and associated NIST SP 800 publications.
    • Archived Video
  • October | Ethan Shackleford
    • The technology sector today is evolving more quickly than ever, with the rise of new industries greatly expanding the scope of knowledge required to evaluate the security of systems and environments; it can feel as if we are getting further and further ‘away from the metal,’ especially with the explosion of cloud technology abstracting details even further behind shiny APIs. But there’s a commonality behind the novel abstractions: hardware. Understanding the operation of this hardware and its exposure to threats is the essential knowledge infosec professionals of all industries need to improve security operations.
    • Archived Video
  • September | Jake Bernstein, CISSP
    • Exploring the 2021 Verizon Data Breach Investigations Report. Every year the Verizon cybersecurity team publishes a report analyzing the data and trends from the past year of cybersecurity investigations. Every cybersecurity professional should review the report because it is full of amazing insights and useful trends. This presentation will adapt the content from two episodes of The Cyber Risk Management Podcast to provide a distilled version of the 2021 DBIR and provide ample opportunity for discussion.
    • Archived Video
  • August | Abraham Kang
    • GraphQL is coming to replace your REST APIs. Built on the promise of providing more flexible access to your data, there has to be a catch. Come to this talk if you would like a comprehensive overview of the known security vulnerabilities in GraphQL applications. We will also cover mechanisms and design patterns that you can use to secure your GraphQL applications from these attacks.
    • Archived Video
  • June | Bryan Hurd
    • Cyber Smoke Jumper – Days, Nights and Weekends in the Life of a Breach Responder. This session is a view into the past, present and future of cyber attacks hitting our companies, communities and families. Leading global teams that General Counsels, CEOs and CISOs call in emergencies or to avoid one, Bryan will be discussing not only some of the trends and technical issues in what the adversaries are doing, related to ransomware, intrusions and extortion, but the way that technical and executive leaders can protect, avoid, or respond to attacks from cyber criminals or insiders. Bryan will also be discussing the skills, certifications, and network of professionals that make collective response to this global threat possible.
    • Archived Video
  • May | Joe Szymusiak
    • Data: the Unintended Consequences. Where, what, and how personal data has been used and abused.
    • Archived Video
  • April | Fernando Maymi
    • Collective Defense is a multiparty strategy in which each member of a community freely contributes to the cybersecurity of the others and, in so doing, improves its own security. It is the idea that organizations defend as a team. Participants trust each other and cooperate in matters of cybersecurity while remaining competitive in the marketplace. The Collective Defense Framework comprises three components. Cooperation, which requires that all participants work together to achieve a collective effect that would be impossible in isolation. Intelligence, which entails collaborating on the production and sharing of friendly information and threat intelligence to develop a common operational picture. Activities and initiatives in these first two components are validated, practiced and enhanced through the third component, Training and Exercises.
    • Archived Video
  • March | Frank Simorjay
    • Come join us at our upcoming ISC2 Seattle meeting, where Frank Simorjay, ISC2 Seattle Chapter President, will share his experience at Microsoft and present on Securing Privileged Access processes and what you should consider when building your own Privileged Access Workstations (PAWs).
    • Archived Video
  • February | Dan Griffin
    • I will discuss the role that privileged access plays in preventing future SolarWinds-like attacks. I will provide specific examples of hardware and toolchain security measures that you can adopt for secure software development.
    • No Video
  • January | Jean Pawluk, CISSP
    • All that glitters… Applying lessons learned to date to emerging technologies.
    • Archived Video
  • December | Marc Coady, CISSP
    • One-man Band – My personal experience as the first IT Security Manager of MOD Pizza.
    • No Video
  • November | Trey Blalock, CISSP
  • October | Jake Bernstein, CISSP
    • Creating a cybersecurity program that meets the FTC’s standard for reasonableness based on the NIST CSF.
    • Archived Video