The Central Virginia Chapter of ISSA was founded in 2006 and is part of the national Information Systems Security Association (ISSA)(http://www.issa.org). The ISSA has more than 13,000 individual members and more than 100 chapters around the world. ISSA is the largest international, not-for-profit association for information security professionals. It provides educational forums, information resources and […]
Date: August 14, 1130-1PM Topic: Moving the Cheese: Next Generation Migratory Resource Protection Roland Cloutier, ADP’s Chief Security Officer, will share his ideas on the latest advances in security threat mitigation and the security intelligence landscape. Among the topics he will address are the cyber kill chain concept, threat visualization, holistic security intelligence, and the use of […]
Date: July 10, 1130-1PM Topic: APT1: Then and Now Mandiant is the industry leader in detecting and investigating advanced cyber attackers. The company tracks multiple threat actors and recently released a report on one such group it refers to as “APT1.” The report links APT1 to the 2nd Bureau of the People’s Liberation army (PLA) General staff […]
Date: June 12, 1130-1PM Topic: Who is watching the code? Source Code Repo Anti-Tampering Roughly one-third of US intellectual property value is the form of software, a third is in patents and other copyrighted materials, and the balance is in trade secrets. (Source: http://www.ipnav.com). Every company depends on proprietary software for competitive advantage, to improve customer service, to […]
Date: May 15, 2013 1130-1PM Topic: Data Loss Prevention for the Security Practitioner DLP technologies are becoming more mature and capable. However, like any security technology, a technology-first or –only approach is doomed. In this presentation, we will examine a systemic approach to establishing a successful DLP program. We will also examine several best practices that help […]
Date: April 10, 2013 1130-1PM Topic: Employees at companies all over the world have embraced the new breed of mobile devices and mobile applications that give them more personal productivity. Businesses have realized this trend and are actively moving to enable greater business productivity on the very devices their employees are bringing into the workplace. These […]
Security Architecture Security in today’s corporate world, both commercial and Federal, has never been more complex. We find ourselves confronted with a more advanced set of adversaries, more complex enterprise architectures blurring the outside edges of security domains while making use of mobile, cloud, and BYOD architectures, and even more demands on compliance audit reporting. […]
“Thanks for Recovering….Now I can Hack You!” Why do disaster recovery (DR) exercises fail? Is it a lack of planning or a lack of testing? Both of these would cause an exercise to fail, but is this really a failure? If a DR team member learns something from the exercise, or if the documentation is […]
The Human Aspect of Targeted/Apt Attacks Looking at the human aspect of offensive cyber operations is one of the most interesting parts of a malware analyst’s day. Malware that was generated by an algorithm, such as a polymorphic PDF, is a little boring because you know you aren’t fighting against a human on the other […]
THE CENTRAL VIRGINIA ISSA Cordially Invites You to Our ANNUAL HOLIDAY PARTY December 13 5:00 p.m. to 9:00 p.m. Capital Ale House 623 East Main Street (6th and Main St) Free parking is available in the Lanier Parking Systems Deck located on 6th & Cary Street. There is no charge for this event. ISSA will […]
The Central Virginia ISSA 2012 CISO Panel Please join our distinguished CISO panel of Dave Houlette (VCU Medical Center), Chris Tignor (CapitalOne) and Dave Zaras (Genworth) in a lively discussion of key cyber security issues such as cloud security, mobile security, and the need for increased IT resiliency. The panelists will provide us their perspective […]