• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Information Systems Security Association

Los Angeles Chapter, cybersecurity, InfoSec, CISO, Privacy

  • Home
  • About ISSA-LA
    • Our Mission
    • ISSA LA Bylaws
    • Board Members
    • Advisory Board Members
    • Contact Us
  • Events
    • Upcoming Events
    • Event Archive
    • Speaker Guide
  • Security Tracks
    • Management
    • Privacy
    • Proactive
    • Reactive
    • Technical
  • Summit XII
    • Summit XI 2019
    • Summit X 2018
  • Membership
  • Become a Sponsor
    • 2019 Monthly Meeting Sponsors
    • 2019 Summit XI Sponsors
  • Good InfoSec Resources
    • Keeping Kids and Families Safe Online

Proactive

July – Gary Asplund

September 2, 2019 By Technology Director

Topic: My CEO Told Me We Have To Move Our Datacenter to the Public Cloud…So, What’s the Big Deal?

Abstract:

Consider the following:

– You don’t own any of it but, it is your responsibility to control and secure everything in it

– You don’t own any of it, but you critically depend on what’s in it

– You don’t maintain any of it, but you trust all of it is properly maintained at all times 

– You can’t touch any of it, but it’s up to you to completely orchestrate, control and secure what’s in it

– You can’t physically walk in anywhere but you (and anyone else on the planet with the right access) can virtually access from everywhere 

At first blush, a seasoned and experienced network / security director may not fully appreciate the significant differences and challenges his/her staff will experience in trying to fulfill their job duties when their datacenter is in the public cloud. The old strategy of ‘lift and shift’ – creating VM’s of all of your current/existing hardware and ‘shifting’ it to the cloud – will fail. Further evidence of the urgent need for purpose-built tools to secure public cloud infrastructures can be seen in the multiple and repeated data leaks and misconfiguration compromises we have seen in the last year – According to Gartner, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.” 

And in a world which is rapidly becoming completely ‘software defined’ new skills and tools are required. 

In this session, we will discuss why today’s IT organizations require mature and complete native tools – built in the cloud for the cloud – which provide: 

– Complete visibility
– Configuration management – Identity protection
– Secure DevOps
– Compliance Automation
– Governance Enforcement
– Environment Lockdown 

We will discuss the subtle yet profound differences in operating your datacenter in the public cloud vs operating your own datacenter. We will discuss the ’Shared Responsibility Model’ and what it really means to you and your IT department as you expand the number of workloads you move to the public cloud. And, as your sophistication increases, and you expand your use of PaaS and IaaS, the complexities follow in tandem. We will show how today’s IT organizations require new, purpose-built tools designed and capable of ’speaking the same language’ as the public cloud infrastructures and built to leverage the extensive API’s they provide.

Filed Under: Management, Monthly Meeting Speakers, Proactive, Technical

June – Kevin Albano

September 2, 2019 By Technology Director

Topic: Effective Threat Intelligence Sharing

Many organizations struggle with creating threat intelligence for a variety of reasons – availability of data, trust of the data, and effective integration with other sources, among others.  Further compounding the challenge is the need to convert the information into meaningful and actionable actions. With the possibility of mounting cyber threats to several densely populated areas, many municipalities across the world face a growing need for insightful information to act and react to real-time dangers.

In this presentation, we will present approaches to effective sharing of threat intelligence and how we create new threat intelligence every day using commercial data sources for malware, surface web, dark web and open data sources.

Speaker: Kevin Albano
Kevin Albano, Global Lead, Threat Intelligence, IBM X-Force IRIS
Kevin Albano has more than 17 years of experience working in information technology, law enforcement, and security consulting. Throughout his career, he has focused on investigating computer network intrusions, notifying impacted organizations, and disrupting some of the largest cyber espionage campaigns.

At IBM, Kevin is responsible for threat intelligence collections, managing advanced threat research and directing information analysis – all focused on helping customers understand their cyber threat risk and make decisions to protect their organization.

Prior to IBM, Kevin held prominent roles at the Federal Bureau of Investigation (FBI) and Mandiant. As a Special Agent at the Los Angeles FBI Field Office, Kevin developed the investigative process for examining computer network attack operations. He identified large-scale organized data theft operations and created the field guide for how cyber espionage investigators notify data breach victims.

Kevin joined Mandiant from the FBI to help defend commercial and government entities against cyber espionage. While at Mandiant, Kevin developed programs to analyze criminal attack infrastructures, notify victim commercial entities, and define threats. He also supported incident responders by categorizing and organizing threat information to identify sophisticated threat groups.

Kevin has also made significant contributions to the Information Sharing and Analysis Organization (ISAO) Standards Organization ISAO 300-1

Filed Under: Monthly Meeting Speakers, Proactive, Technical

June – By Paige M. Boshell

July 7, 2019 By Technology Director

Filed Under: ISSA Monthly Journal Articles, Management, Privacy, Proactive

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2

Primary Sidebar

Join Our Mailing List and Meetup

Email Subscription

Follow ISSA LA

  • LinkedIn
  • Twitter
  • YouTube

Listen to ISSA-LA President Richard Greenberg Being Interviewed by Ron Burgundy (Will Ferrell)

Grant funds are now available: Get exclusive access to Information Security Leaders: ask questions and obtain guidance; get policies, procedures and governance

We are Proud to Present our Educational Sponsors

ISSA Education Foundation

ISSA Los AngelesFollow

ISSA Los Angeles
issalaISSA Los Angeles@issala·
14 Jan

Calls are mounting among lawmakers to ramp up regulation of social media following the violent takeover of the U.S. Capitol last week. Silicon Valley Congresswoman Anna Eshoo said she will revive her efforts to amend Section 230. https://dot.la/section-230-2649886967.html

Reply on Twitter 1349521675600203781Retweet on Twitter 13495216756002037811Like on Twitter 13495216756002037812Twitter 1349521675600203781
issalaISSA Los Angeles@issala·
13 Jan

New York weighs biometric privacy law. Companies would have to get permission from individuals to take their biometric data, and store it only for as long as needed for the initial purpose of obtaining it. http://ow.ly/utLP50D7MC7

Reply on Twitter 1349497715504394240Retweet on Twitter 1349497715504394240Like on Twitter 13494977155043942401Twitter 1349497715504394240
issalaISSA Los Angeles@issala·
13 Jan

Breached European Covid-19 vaccine information posted online. http://ow.ly/DBwB50D7Mzr

Reply on Twitter 1349435312250957827Retweet on Twitter 1349435312250957827Like on Twitter 13494353122509578271Twitter 1349435312250957827
issalaISSA Los Angeles@issala·
13 Jan

Join us TODAY for our Law Enforcement Panel!!! Come join us as we have a great panel of law enforcement personnel, including the FBI and US Secret Service, as they discuss the latest cyber attacks and the trends that are being observed. Register here: http://ow.ly/NYEk50D2K4R

Reply on Twitter 1349401107160817665Retweet on Twitter 13494011071608176651Like on Twitter 13494011071608176652Twitter 1349401107160817665
issalaISSA Los Angeles@issala·
13 Jan

Cyber insurers get stricter about ransomware claims. Some insurance firms require policyholders to answer more detailed questions about ransomware incidents before deciding whether to pay claims. http://ow.ly/1lKn50D6Ax3

Reply on Twitter 1349144207517220865Retweet on Twitter 13491442075172208651Like on Twitter 13491442075172208652Twitter 1349144207517220865
issalaISSA Los Angeles@issala·
12 Jan

Malware in SolarWinds hack linked to Russian surveillance tech. http://ow.ly/uevz50D6AqK

Reply on Twitter 1349083839289823233Retweet on Twitter 1349083839289823233Like on Twitter 13490838392898232331Twitter 1349083839289823233
Load More...

Website Sponsors

Harassment Free Environment

ISSA-LA is dedicated to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, age, religion, or political affiliation. We have a zero tolerance policy for harassment in any form. Violations by any registered attendee or participant at any ISSA-LA events may result in expulsion and possible ban from future ISSA-LA events.


© Copyright 2019 ISSA LA · All Rights Reserved · Privacy Policy · Terms of Use