• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Information Systems Security Association Los Angeles

Los Angeles Chapter, Cybersecurity, InfoSec, CISO, Privacy, Risk

  • Home
  • About
    • About ISSA-LA
    • Our Mission
    • ISSA LA Bylaws
    • Board Members
    • Advisory Board Members
    • Contact Us
  • Events
    • Upcoming Events
    • Past Events
    • Event Archive
    • Speaker Guide
  • Security Tracks
    • Management
    • Privacy
    • Proactive
    • Reactive
    • Technical
  • Security Summits
    • Summit XII 2022
    • Summit XI 2019
    • Summit X 2018
  • Membership
  • Become a Sponsor
    • Become Monthly Meeting Sponsor
    • Become 2022 Summit Sponsor
  • Resources
    • Information Security Links
    • Keeping Kids and Families Safe Online

Management

August – Dr. Paulo Shakarian

September 4, 2019 By Technology Director

Topic: Artificial Intelligence Research for Forecasting Exploit Usage
Vulnerability disclosure rates are at an all-time high – averaging over 1,000 per month in 2019 – more than twice as much as in 2016. But while disclosure rates have remained at this high level, hackers still only exploit a small fraction ranging from 2%-3% by most studies. Ironically, the fact that exploited vulnerabilities make up such a small portion mean that this a particularly challenging machine learning problem. In this talk will review a series of peer-reviewed research papers that were produced under U.S. government grant funding that have investigated this problem. Through a combination of machine learning, graph theory, and data mining (from sources including social media, deepweb, open web, and Tor sites), these approaches provided promising results. These techniques leveraged an understanding of not only the content of hacker discussions, but also the underlying social structure of these communities as well as technical information about the vulnerabilities themselves. This, in-turn, enabled successful forecasting of exploits before they become available – providing a 20-fold improvement in terms of precision. This talk not only reviews the peer reviewed research, but also gives insight into how machine learning can be used to address cybersecurity problems and provides examples of exploit usage successfully predicted ahead of time.

Filed Under: Management, Monthly Meeting Speakers, Privacy, Proactive, Reactive, Technical

July – Gary Asplund

September 2, 2019 By Technology Director

Topic: My CEO Told Me We Have To Move Our Datacenter to the Public Cloud…So, What’s the Big Deal?

Abstract:

Consider the following:

– You don’t own any of it but, it is your responsibility to control and secure everything in it

– You don’t own any of it, but you critically depend on what’s in it

– You don’t maintain any of it, but you trust all of it is properly maintained at all times 

– You can’t touch any of it, but it’s up to you to completely orchestrate, control and secure what’s in it

– You can’t physically walk in anywhere but you (and anyone else on the planet with the right access) can virtually access from everywhere 

At first blush, a seasoned and experienced network / security director may not fully appreciate the significant differences and challenges his/her staff will experience in trying to fulfill their job duties when their datacenter is in the public cloud. The old strategy of ‘lift and shift’ – creating VM’s of all of your current/existing hardware and ‘shifting’ it to the cloud – will fail. Further evidence of the urgent need for purpose-built tools to secure public cloud infrastructures can be seen in the multiple and repeated data leaks and misconfiguration compromises we have seen in the last year – According to Gartner, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.” 

And in a world which is rapidly becoming completely ‘software defined’ new skills and tools are required. 

In this session, we will discuss why today’s IT organizations require mature and complete native tools – built in the cloud for the cloud – which provide: 

– Complete visibility
– Configuration management – Identity protection
– Secure DevOps
– Compliance Automation
– Governance Enforcement
– Environment Lockdown 

We will discuss the subtle yet profound differences in operating your datacenter in the public cloud vs operating your own datacenter. We will discuss the ’Shared Responsibility Model’ and what it really means to you and your IT department as you expand the number of workloads you move to the public cloud. And, as your sophistication increases, and you expand your use of PaaS and IaaS, the complexities follow in tandem. We will show how today’s IT organizations require new, purpose-built tools designed and capable of ’speaking the same language’ as the public cloud infrastructures and built to leverage the extensive API’s they provide.

Filed Under: Management, Monthly Meeting Speakers, Proactive, Technical

June – By Paige M. Boshell

July 7, 2019 By Technology Director

Filed Under: ISSA Monthly Journal Articles, Management, Privacy, Proactive

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2

Primary Sidebar

Want to Get Notified of Future Events? Join Our Mailing List

Email Subscription

Follow ISSA LA

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Listen to ISSA-LA President Richard Greenberg Being Interviewed by Ron Burgundy (Will Ferrell)

Thanks to Our Educational Sponsor

ISSA Education Foundation

ISSA Los Angeles Follow

Information Systems Security Association Los Angeles Chapter

issala
issala ISSA Los Angeles @issala ·
7 Feb

Come and network with your friends, make new friends TOMORROW! Join Adriana Sanford, J.D., Dual LL.M. presenting: The Changing and Fragmenting Global Privacy Landscape on Feb 8 @ 5:30 pm in Santa Monica!
Register here: https://issala.org/event/the-changing-and-fragmenting-global-privacy-landscape-restructuring-from-the-corporate-board-level-down-to-avoid-hefty-fines-and-possible-criminal-penalties/

Reply on Twitter 1623016268180905987 Retweet on Twitter 1623016268180905987 1 Like on Twitter 1623016268180905987 1 Twitter 1623016268180905987
issala ISSA Los Angeles @issala ·
2 Feb

Come and network with your friends, make new friends. Join Adriana Sanford, J.D., Dual LL.M. presenting: The Changing and Fragmenting Global Privacy Landscape on Feb 8 @ 5:30 pm in Santa Monica!
Register here: https://issala.org/event/the-changing-and-fragmenting-global-privacy-landscape-restructuring-from-the-corporate-board-level-down-to-avoid-hefty-fines-and-possible-criminal-penalties/

Reply on Twitter 1621193464749899776 Retweet on Twitter 1621193464749899776 6 Like on Twitter 1621193464749899776 4 Twitter 1621193464749899776
issala ISSA Los Angeles @issala ·
16 Jan

“They left the front, side, and back doors open.”—Zach Edwards, independent privacy and security researcher, referring to the LAPD and their use of a leaky app called SweepWizard in coordinating raids (Wired) https://www.wired.com/story/sweepwizard-police-raids-data-exposure/?utm_campaign=itb&utm_medium=newsletter&utm_source=morning_brew

Reply on Twitter 1615106785324539929 Retweet on Twitter 1615106785324539929 Like on Twitter 1615106785324539929 1 Twitter 1615106785324539929
issala ISSA Los Angeles @issala ·
14 Jan

How and when LastPass reported a breach that affected 33 million customers raises concerns about the limits and effectiveness of US notification laws. https://www.cyberscoop.com/lastpass-breach-notification-privacy/

Reply on Twitter 1614069086866079746 Retweet on Twitter 1614069086866079746 Like on Twitter 1614069086866079746 1 Twitter 1614069086866079746
issala ISSA Los Angeles @issala ·
13 Jan

Google Keyword-Search Warrants Questioned by Colorado Lawyers https://www.bloomberg.com/news/articles/2023-01-12/google-keyword-search-warrants-questioned-by-colorado-lawyers?mod=djemCybersecruityPro&tpl=cy

Reply on Twitter 1613989483027828737 Retweet on Twitter 1613989483027828737 Like on Twitter 1613989483027828737 1 Twitter 1613989483027828737
issala ISSA Los Angeles @issala ·
13 Jan

Tesla Returns as Pwn2Own Hacker Takeover Target https://www.securityweek.com/tesla-returns-pwn2own-hacker-takeover-target?mod=djemCybersecruityPro&tpl=cy

Reply on Twitter 1613929037407174657 Retweet on Twitter 1613929037407174657 Like on Twitter 1613929037407174657 1 Twitter 1613929037407174657
Load More

Website Sponsors

Harassment Free Environment

ISSA-LA is dedicated to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, age, religion, or political affiliation. We have a zero tolerance policy for harassment in any form. Violations by any registered attendee or participant at any ISSA-LA events may result in expulsion and possible ban from future ISSA-LA events.


© Copyright 2022 ISSA LA · All Rights Reserved · Privacy Policy · Terms of Use