Splunk Security Data 101 Workshop
Saturday, Jan 12, 2019

"Splunk Security Data 101"

ISSA Atlanta is hosting a hands-on Splunk Security Data 101 workshop on Saturday, January 12th from 8:30am-4pm at the Georgia Hospital Association. Learn the basics of Splunk and how to use Splunk for various Security use cases. FREE for ISSA Atlanta Chapter members.

  • Learn more about how Splunk can improve your Security posture

  • Experience hands-on activity with Splunk to learn basic search techniques

  • Learn a few advanced search techniques to improve Security research using Splunk

  • View an updated demonstration of some of the latest features in Splunk and Enterprise Security

  • Learn how automation can assist your Security and IT Ops teams that might be short on people power

  • Perform hands-on activity with Splunk's Enterprise Security, premium solution for SIEM

Attendee Requirements:

  • Must bring their own system. Most modern laptops are acceptable.

Agenda:

Splunk Workshop for Security Insights

  • 8:30 - 9:00: Check-in, light breakfast, and Networking

  • 9:00 - 9:30: Overview of Splunk

  • 9:30 - 10:00: Explanation of how search works (with demo)

  • 10:00 - 10:15: Break

  • 10:15 - 11:30: Hands-on activity (learn how to search and create correlation search)

  • 11:30 - 12:30: Lunch break and Networking

  • 12:30 - 1:00: Splunk's Security Portfolio

  • 1:00 - 2:15: Hands-on activity (experience with Splunk Enterprise Security, Top 10 use case examples)

  • 2:15 - 2:30: Break

  • 2:30 - 3:30: Insider Threat Overview (with demo)

  • 3:30 - 3:45: Final Thoughts and Next Steps

Instructors:

Michael Nobles / Colleen Paine

Michael Nobles is a Senior Sales Engineer at Splunk working on his Security SME (subject matter expert) designation. Michael recently completed his CEH to become a Certified Ethical Hacker. During the last 3 years, Michael has been supporting Splunk at various customers across the southeast USA. Prior to that, Michael was at IBM and focused on Hadoop and Big Data for nearly 6 years. Before Big Data, Michael was a sales engineer for data warehousing and business intelligence solutions at IBM. Michael also has a computer science degree from Texas A&M University.

On a quick personal note, Michael has been happily married to his wife, Janelle, for 28 years. Michael has 4 kids, and three awesome grandkids now. His oldest three kids are married and the youngest one is still living at home and going to Georgia State University. When Michael is not at work, you will find him donating his free time at church where he leads the camera team at Passion City Church (http://passioncitychurch.com) and you can see his handiwork in the videos published on the site every week (using the "watch" link).

Colleen Paine is a Sr Sales Engineer who has been doing nothing but Splunk since 2012. She lives in Dahlonega with her husband, 6 chickens and large dog, Thor. Thankfully her children are old enough to have left the nest!

Colleen loves riding her bicycle and hiking, and she is planning a snowshoeing trip in Yosemite this March. She strives to garden but FAILS; let her know if you can offer her any advice.

Location:
Georgia Hospital Association
1675 Terrell Mill Road
Marietta, GA 30067

Time:
8:30 am to 4:00 pm

Chapter Meeting for January
Thursday, Jan 31, 2019

"Strategies for Advancing Your Security Career"

Keyaan Williams
CEO at Cyber Leadership and Strategy Solutions, LLC (CLASS_LLC)

 

The ISSA developed a Cybersecurity Career Lifecycle (CSCL) that describes the knowledge, skills, and aptitudes required for success at five levels of professionalism. This presentation will explore the career strategy required to achieve success at each level and what people need to do to prepare for success at higher levels.

Keyaan is an experienced executive who specializes in information security, risk management, compliance, and internal controls. He has helped global enterprises, governments, universities, and small businesses develop solutions that satisfy legal, regulatory, and operational requirements. He currently serves as the CEO of a professional services firm that focuses on cyber strategy, risk management, and workforce development for global clients.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Chapter Meeting for February
Thursday, Feb 28, 2019

"Internal Audit: The Third Line of Defense"

Robin Moore
Sr. IT Auditor at Change Healthcare

 

Protecting an organization from security threats is a team effort. Defense in depth means more than just multiple levels of security; it also means multiple departments working together in a common defense. No longer is Internal Audit the exclusive domain of Accountants, and by adding Security Experts to Internal Audit teams an organization can add another level of defense to its security posture. This presentation will look at security from the perspective of the Internal Auditor and discuss key reasons for adding security-minded professionals to the Internal Audit teams, as well as the common myths behind the adversarial nature of the relationship most departments believe they have with Internal Audit.

Robin is Sr. IT Auditor at Change Healthcare & Professor at Georgia State University. Robin is a part-time Professor in the Computer Information Systems Department at Georgia State University, where he teaches Network Security and Hacking as well as Security Audit and Compliance in the Master of Science in Information Systems program. With over a decade of IT experience covering physical security, application security, security auditing, and compliance, he recently transitioned to Internal Audit with Change Healthcare as part of their Audit and Risk Advisory Services team with the objective of bringing a security focus to Internal Audit.

Robin holds CISSP and CEH certifications as well as BS and MS degrees in Information Systems and is currently working on his doctoral dissertation in security compliance.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Chapter Meeting for March
Thursday, Mar 28, 2019

"Cybersecurity Exercises and the Importance of These"

Marian Reed
Sr. Director, Global iSOC, Information Security and Risk Management

 

Marian is an experienced Senior Director with a demonstrated history of working in the hospital & health care industry. She is a strong professional skilled in IT Strategy, Team Building, Management, Health Information Exchange, and Healthcare. Currently, Marian is responsible for Global iSOC at McKesson which includes Cyber Security Incident Management and annual exercises.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Chapter Meeting for April
Thursday, Apr 25, 2019

"Building a Valid Threat Library for Cloud Based Applications"

Tony UcedaVélez
CEO & Founder, VerSprite | Evolved Security Consulting

 

Tapping the power of various inherent cloud monitoring and log components in order to build a dynamic threat library that can substantiate your threat model is very possible. In this talk we'll look at both Azure and AWS components to leverage when adding threat context and ultimately an amazing threat library to your application threat model. We'll look at exemplifying these techniques across mission critical infrastructure in Energy and Transportation.

Tony is CEO at VerSprite, an Atlanta-based security services firm assisting global multi-national corporations on various areas of cyber security, secure software development, threat modeling, application security, security governance, and security risk management. Tony has worked and led teams in the areas of application security, penetration testing, security architecture, and technical risk management for various organizations in Utility, Banking, Government, Retail, Healthcare, and Information Services. He recently finished his latest book, Risk Centric Threat Modeling with Wiley Life Sciences, which was endorsed by the late Howard Schmidt, former cybersecurity coordinator for the White House. Tony regularly speaks at global security and technology conferences/chapters and has spoken at global events spanning across 13 countries, 4 continents on various security themes. He also has been running the OWASP Atlanta Chapter for the past 9 years.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Chapter Meeting for May
Wednesday, May 29, 2019

"Introduction to FAIR Risk Analysis"

Donna Gallaher

FAIR Quantitative Risk methodology improves upon the traditional "Red-Yellow-Green" executive dashboard reports by putting risks in financial terms. Applying FAIR methodology within your security program improves the quality of the discussions with your business stakeholders by diving into the assets, threat actors and impact of loss scenarios that are most meaningful to the organization. Once FAIR methodology is added to your existing risk framework, your board of directors and executive team will be enabled to make better informed funding and risk mitigation decisions using objective data and financial models.

Ms. Gallaher served as a C-Level Strategic Advisor in IT and Cyber Strategy for multiple global companies for over 15 years drawing from her previous successes in engineering, solution selling, IT operations and leadership. She provides value to clients by thoroughly understanding business and regulatory requirements, assessing obstacles and translating technical challenges into business risks allowing technology to function as a business enabler.

Ms. Gallaher is the Chair of the Atlanta FAIR Institute Chapter, serves on the Board of Directors of the Technology Association of Georgia Information Security Society, Evanta CISO Southeast Governing Body and is active in the local ISSA and Cloud Security Alliance chapters. She is active in the lobby efforts to shape cyber security legislation and her recent articles have been published on the National Technology Security Coalition website.

Ms. Gallaher holds CISSP, CCISO, CIPP/E, CIPM, Open FAIR and ITIL certifications and is designated a Fellow of Information Privacy by IAPP. She is a graduate of Auburn University with a Bachelor of Science in Electrical Engineering.

---------------------------------------

Our May Membership meeting is May 29 @ 3:00 at SecureWorld in Ballroom C. Registration is free through SecureWorld using the discount code "ISSE", which allows attendance to the Exhibit Hall.

Registration is below:

SecureWorld Registration


SecureWorld Details

Immediately following the meeting will be the Opening Reception sponsored by the Metro Atlanta ISSA featuring a Women CISO panel. Start time for the ISSA Women CISO panel is 4 - 6, Keynote Theatre.

There is no charge for ISSA members to attend this. Registration is separate and at this link:

ISSA Executive Panel and Reception

Please be aware that by registering, your information will be shared with the sponsoring vendors for both SecureWorld events.

Location:
Cobb Galleria Centre
2 Galleria Pkwy SE
Atlanta, GA 30339

Time:
3:00 pm to 4:00 pm

Earn CPE credits with attendance

Career Day
Saturday, June 15, 2019

"Metro Atlanta ISSA Career Day"

The Metro Atlanta ISSA Chapter is hosting a career day event to help promote career development of Junior to Midlevel Information Security professionals in the Atlanta area.

Please note that while participation in this event is provided free of charge by Metro Atlanta ISSA, participants must register to attend by June 10th. Limited seats are available. Complimentary parking validation is provided for attendees. For additional questions, please send email to careers[at]gaissa[dot]org.

Location:
Loudermilk Conference Center
40 Courtland St NE
Atlanta, GA 30303

Time:
10:00 am to 3:00 pm

Chapter Meeting for June
Thursday, Jun 27, 2019

"Building a Successful CSOC"

Jason S. Lawrence
Principal Architect, Cybersecurity Consulting, AT&T Cybersecurity

 

Jason has been building cybersecurity operations centers for the better part of the last decade. He has participated in numerous breach investigations and served as the Atlanta chapter of the ISSA's VP. Jason occasionally teaches SANS Forensics and Security Operations classes as a SANS Mentor.

In the era of daily cyber breaches and triple-digit dwell time (101 days, according to some researchers) Cyber Security Operations Centers (CSOC) are at the forefront of the security posture for most organizations. During this session, we will discuss the keys to creating a successful CSOC. We will cover the culture of a successful CSOC, the daily activities, and the overall structure of a Cyber Security Operations Center.

The goal of a successful CSOC is to detect and respond to suspicious and anomalous events rapidly, by contextualizing raw log data with IT and business imperatives. To achieve this lofty goal, the CSOC needs analysts trained in IT systems and threat detection who can gain a deep understanding of the business and technology ecosystem. We will discuss the processes and procedures a CSOC will need and the sources of data that will be analyzed.

A successful CSOC employs a mindset that assumes compromise as the fundamental basis of its activities; this mindset focuses the CSOC's efforts and reduces unnecessary distractions. Building off of this mindset, we will discuss USAF Major John Boyd's approach to aerial dogfights, Observe, Orient, Decide, Act (AKA the OODA loop), and how it applies to CSOC operations.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Wireshark Training
Saturday, Jul 13, 2019

"Wireshark Training"

Betty DuBois

This is advanced training for Wireshark. Please download and install the latest version of Wireshark before you arrive. There will be NO wifi available onsite. Materials for the training will be available HERE after June 22. Please download them (and print them if you like) before you come to the class.

Outline for the class:
Who dunnit? - How to cut through the evidence from Wireshark to know definitively, "Whose fault is it?"

You will use Wireshark to observe:

Layer 4

  • TCP Handshake Negotiation Stumbling Blocks

  • Normal vs. Excessive Packet Loss

Layer 7

  • Negotiation

  • Authentication

  • Control vs. Data

  • Server Dependencies

  • Response Time Calculation

  • Transum Plugin

There will be three labs, with example trace files showing real issues.

Pizza, drinks, and cookies for lunch will be provided by ISSA. There are no vending machines; please bring your own snacks or drinks.

Betty is the Chief Detective for Packet Detectives, and has been solving mysteries since 1997. She troubleshoots the root cause of network and/or application issues. Using packets to solve crimes against the network and applications is her passion. Teaching others how to do the same is her calling.

  • Certified Wireshark University Instructor

  • Wireshark Certified Network Analyst

  • Sniffer Certified Expert

  • SharkFest Presenter 2008-'09, 2011-'13, 2015-'18

 

Location:
Georgia Hospital Association
1675 Terrell Mill Road
Marietta, GA 30067

Time:
10:00 am to 5:00 pm

Attendees will earn 6 CPEs.

Chapter Meeting for July
Thursday, Jul 25, 2019

"Demonstration of Application Security Vulnerabilities"

CT Chidambaram
Application Security Architect, Macys Technology

Live demonstration of common vulnerabilities such as SQL injection, XSS, and local/remote file inclusion, including a quick look at the code (simple, easy-to-understand SQL/PHP code) that caused them and how they can be avoided.

CT has broad experience in building and securing enterprise and embedded systems. He currently works for Macys as an application security architect, where he is responsible for improving software application and systems security and evaluates new and proposed security systems, products, and technologies.

Prior to joining Macys, CT worked for US Bank, Cisco Systems, and AT&T in the areas of application security, application development, video encryption/delivery.

CT holds an MBA in information systems from Auburn. He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Scrum Product Owner (CSPO), Certified Scrum Master (CSM) and a Sun Certified Architect for JAVA Technology.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Chapter Meeting for August
Thursday, Aug 29, 2019

"Atlanta, how do we keep the winning streak going?"

David Rubinger
Atlanta Business Chronicle

David has spent the past 30 years as both an award-winning journalist and corporate communications executive. He returned to his roots at Atlanta Business Chronicle in 2015 to become its Market President and Publisher. The Chronicle is one of the largest and most successful business journals in the United States. It is the flagship for American City Business Journals Inc., which has business journals in 43 markets throughout the country.

David began his career in Atlanta with Atlanta Business Chronicle in 1989 to cover banking, investment, and real estate industries. He later served as managing editor and editor of the Chronicle until he joined Ketchum Public Relations as its senior vice president in late 1998. In 2003, David was tapped by Equifax to lead the company's global communications team; and in 2008 struck out on his own to start Rubinger Inc., a boutique corporate communications firm before returning "home" to the Chronicle in 2015.

A native of New York City, David is a graduate of Trinity College in Hartford, CT, where he received a B.A. in government. He is a member of Leadership Atlanta, Emory University Board of Visitors and Emory's Center for Ethics. David is on the board of the Metro Atlanta Chamber and the Atlanta Convention and Visitors Bureau. He lives in Ansley Park with his wife, Hedy, who chairs the healthcare practice at law firm Arnall Golden Gregory.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Chapter Meeting for September
Thursday, Sep 26, 2019

"Beyond Cybersecurity: Why, How, and What Do You Need to Know about Cyber Resilience?"

Michael Melore
IBM

New methods are required to address threats increasing in frequency, sophistication, and impact, in a climate of growing cost constraints and resource and skills shortages. Traditional security controls and response can't possibly keep pace.

Private and state-sponsored dark web actors are well orchestrated, using innovative AI technologies and leveraging digital currencies; their R&D, producing wares designed to circumvent traditional security practices, has changed the game. You now require innovative security approaches.

The art of effective Threat Hunting, Advanced Analytics, Incident Response, and Cognitive Security are the new Cyber Resilience model.

Michael is an IBM Cyber Security Advisor, Certified Information Systems Security Professional, author, and recognized subject matter expert in Security Intelligence, Identity Access Governance, and Authorization. His consulting roles include lead architect for many of the largest authentication and authorization infrastructures, including billion-user authentication infrastructures.

Speaking engagements include passionate discussions correlating blended threats across physical and logical infrastructure boundaries, Security Intelligence and Response, Identity Access Management and Governance, Security Visibility and Response, Defense in Depth, Security Immune Systems, Cloud Security, Business Process Risk Modeling, and Billion User Identity Crisis.

Conference and summit speaking engagements, as keynote speaker, panelist, and moderator, include: IANS Chicago, Executive Alliance CXO Summits across US cities, Executive Network CISO Chapter Meetings across US cities, ISACA Pittsburgh Information Security Awareness Day, ISSA, Fl Cyber Conference, APQC, Rochester Security Summit, Nebraska Cyber Security Conference, Evanta CISO Summits across US cities.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

Women in Security
Tuesday, Oct 08, 2019

"JOIN US FOR THE WOMEN IN SECURITY EVENT"

Please join Metro Atlanta ISSA Chapter on October 8th for the Women in Security event at One Alliance Center/SAP America in Buckhead, 2:30pm - 7:00pm.

This year's event will feature:

  • Opening presentation by Secretary Brad Raffensperger and Deputy Secretary Jordan Fuchs, Georgia Secretary of State Office

  • Presentation and panel led by Marci McCarthy, CEO & President of T.E.N.

  • Reception with networking opportunities


Location:
One Alliance Center
SAP America
3500 Lenox Rd
GT12
Atlanta, GA 30326

Time:
2:30 pm to 7:00 pm

Earn CPE credits with attendance

Chapter Meeting for October
Thursday, Oct 31, 2019

"Stopping Threats Faster with NextGen SIEM and SOAR"

Jim Mason
LogRhythm

Today's attackers are resourceful, patient, ruthless and leverage the power of numbers. Organizations often lack the manpower, processes, speed, and technology to combat these attackers. In this session, we will explore using NextGen SIEM, Machine Analytics and Security Orchestration, Automation & Response (SOAR) to enable rapid threat detection and remediation.

Jim Mason, CISSP is an Enterprise Sales Engineer with LogRhythm, specializing in SIEM, log management, network & endpoint monitoring, forensics and security analytics. He has nearly 30 years of Information Systems experience, including tenures at A10 Networks, Riverbed Technology, Fortinet, Cisco Systems, Foundry Networks and Anixter. Jim is a native of Philadelphia, PA and has resided in the Charlotte, NC area since 1994.

Location:
SecureWorks
1 Concourse Pkwy #500
Atlanta, GA 30328

Time:
6:30 pm to 8:30 pm

Earn CPE credits with attendance

2019 GAISSA Conference
Thursday, Nov 7, 2019

"Brighter. Secure Future. Now!"

11.07.2019 @ Loudermilk Center - Atlanta, GA

Designated the nation's tenth largest cyber city since 2006, Atlanta is a hotbed of innovation for information technology and security. The area is home to the nation's largest concentration of Fortune 1000 companies, and security professionals from these and a host of other corporations rely on the Metro Atlanta Chapter of ISSA to serve as a driving force behind collaboration and education.

The Metro Atlanta ISSA Chapter is bringing to you a full day of insights on cutting-edge tools, best practices and emerging trends. The 2019 conference provides a showcase for the latest developments within the field of information assurance. Leaders from the field of information assurance will discuss emergent threats, best practices, and current topics that focus on how security influences business, government, and organizations alike. Attendees can also participate in learning sessions and discussions with industry thought-leaders.

$75 ISSA Members
$100 Non-Members

 

Location:
40 Courtland Street Northeast
Atlanta, GA 30303

