(ISC)2 Pittsburgh Chapter, Winter Meeting 2025
DATE: Tuesday, January 21, 2025
LOCATION: Both In-Person and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER:
Ira Winkler
NAME OF PRESENTATION:
You Can Stop Stupid
ABSTRACT:
“Behind a stupid user is a stupider security professional.” The user is not the big problem. It’s not that users make mistakes, it’s that we put them in the position to make the mistake. Come listen to Ira speak about ways to manage the proximity of the errors/mistakes and how to get ahead of the mistakes so that “You Can Stop Stupid”.
ZOOM INFORMATION:
Join Zoom Meeting
Please register to receive the Zoom Information
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/305650712
—————————————————-
(ISC)2 Pittsburgh Holiday Happy Hour
Wed Dec 11, 2024 4:30pm – 7pm (EST)
Allison Park, PA Location
Event is by invitation only. Please email isc2pghchapter@gmail.com if you are a member or are a close friend through another information security organization, and have not gotten an invite already.
(ISC)2 Pittsburgh Chapter, Fall Meeting 2024
DATE: Tuesday, October 29, 2024
LOCATION: Both In-Person and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER:
Travis Ralph
NAME OF PRESENTATION:
Threat Modeling a Generative AI Enterprise Application
ABSTRACT:
Threat modeling generative AI products can be daunting due to their complex requirements, but proper scoping, a framework, and a tool can streamline the process and recycle your work! After this presentation you will:
1. Walk away with recommendations to scope your GenAI app, so you only focus on relevant threats;
2. Learn how the four question framework pairs well with STRIDE per element to identify threats and mitigations, and;
3. Leave with a link to a nifty tool to modularize threat modeling results as code, so you can meet the developers where they are!
ZOOM INFORMATION:
Join Zoom Meeting
Please register to receive the Zoom Information
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/303498785
————————————————————————————————–
FutureCon Pittsburgh
Thursday, July 11 th , 2024
On Behalf of the ISC2 Pittsburgh Chapter,
You’re Invited to FutureCon!
FutureCon Pittsburgh
CyberSecurity Conference
Thursday, July 11 th , 2024
8:00 am – 5:00 pm
LIVE @ The Pittsburgh Marriott City Center
Keynote Speaker
Dawn Cappelli
Director of OT-CERT at Dragos,
Former VP and CISO at Rockwell Automation
CISO Panel
Anahi Santiago – Chief Information Security Officer | ChristianaCare
Jim Mahony – Chief Information Security Officer | Robert Morris University
Summer Craze Fowler – Chief Information Security Officer | Torc Robotics
Sam Merrell – Chief Information Security Officer | Kennametal
Felix Kyei Asare – Director, Cyber Security & Deputy CISO | Putnam Investments
FutureCon is Offering All ISC2 Members a Free In-Person VIP Pass
Full day ticket includes CPE Credits, All Sessions, CISO Panel, Networking,
Breakfast, Lunch, Happy Hour, Raffle Prizes and More ($200 Value)
Please use promo code ISC2PGH to register for a free full day pass
*no students, recruiters, vendors, sales, marketing or independent consultants, must be an employed IT professional
Wrap-up reception for all attendees celebrating your hard work dedicated to
fighting cybercrime! We look forward to seeing you!
View Additional Details HERE
————————————————————————————————–
Cybersecurity Summit Pittsburgh 2024
Date: Thursday, June 27th, 2024
Complimentary Admission to Official Cybersecurity Summit June 27
Learn how to protect yourself & your business from becoming a victim of cybercrime.
Join us for the 2nd Annual Official Pittsburgh Cybersecurity Summit, rated Top 5 InfoSec Conference Worldwide, held on Thursday, June 27th, 2024 at the Wyndham Grand Pittsburgh Downtown!
(ISC)2 Pittsburgh Chapter is a proud partner of this event & for a limited time has secured Exclusive Complimentary Admission for our network!
Register with code CSS24-ISC2PITT to secure your Free Pass at https://cyberriskalliance.swoogo.com/Pittsburgh-2024/register?code=CSS24-ISC2PITT
Note: Admission is for C-Suite & Senior Level Executives, Directors, Managers, and other Industry Professionals or Business Leaders. Those in Sales or Marketing and Students are not permitted.
Earn up to 8 Continuing Education Credits by attending the day in full. Admission includes a catered breakfast, lunch & cocktail reception.
Robert Kaminski, Cybersecurity Advisor for Pittsburgh, PA – Region III, CISA/US DHS and Sylvia D. Harris, CISO & Assistant Director, Security Department of Innovation and Performance, City of Pittsburgh will lead the Security Keynotes.
Learn from additional renowned Subject Matter Experts and thought leaders from Secureworks, Akamai, Okta, and many more who will discuss the latest security threats, best cyber hygiene practices, and innovative solutions to protect your business.
Please share/forward this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event.
For event details, visit https://CybersecuritySummit.com/Summit/Pittsburgh24/
If you would like to exhibit and / or speak at the Cybersecurity Summit, contact Andrew Levitt at Andrew.Levitt@CyberRiskAlliance.com.
————————————————————————–
(ISC)2 Pittsburgh Chapter, Spring Meeting 2024
DATE: Tuesday, June 11, 2024
LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER:
Jackie Deloplaine
NAME OF PRESENTATION:
Pittsburgh WiCYS
ABSTRACT:
A presentation and discussion on the Pittsburgh WiCYS Chapter goals and mission. WiCyS is where the recruitment, retention and advancement of women in cybersecurity happens.
ZOOM INFORMATION:
Join Zoom Meeting
Please register to receive the Zoom Information
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/301295524
______________________________________________
Archived Events
(ISC)2 Pittsburgh Chapter, Winter Meeting 2024
DATE: Tuesday, January 23, 2024
LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER:
Steph Saunders
Senior Security Consultant
TrustedSec
Steph Saunders (CEH, CPT, CMMC-RP) is a cyber security expert with over 10 years of experience working mainly in retail, critical manufacturing and other IT organizations. She is also on the Board of Directors for InfraGard Pittsburgh, and volunteers with a number of organizations to share her experiences and mentor those who want to get involved in Cyber Security.
NAME OF PRESENTATION:
Bridging the Gap
ABSTRACT:
A presentation and discussion on the bridging new requirements from PCI 4.0, ISO, NIST to a GRC Program.
ZOOM INFORMATION:
Join Zoom Meeting
Please register to receive the Zoom Information
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/298432981
(ISC)2 Pittsburgh Chapter, Fall Meeting 2023
DATE: Tuesday, October 17, 2023
LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER:
Justin Forbes
Program Lead
Cybersecurity and Infrastructure Security Agency (CISA)
Justin Forbes currently leads the Critical Product Evaluation service at CISA. He conducts security assessments on hardware devices in use within the Federal government and Critical Infrastructure providers.
NAME OF PRESENTATION:
CISA Services
ABSTRACT:
A presentation and discussion on the multitude of Services and Resources that CISA offers.
ZOOM INFORMATION:
Join Zoom Meeting
https://sei.zoomgov.com/j/1617818889?pwd=RnRpdTFwZmdqT2RKNmdsRkxUZHl4UT09&from=addon
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/296458170
______________________________________________
Complimentary Admission to Official Pittsburgh Cyber Security Summit Ft. FBI & US DHS July 27
Learn how to protect yourself & your business from becoming a victim of cybercrime.
Join us for the Inaugural Official Pittsburgh Cyber Security Summit, rated Top 5 InfoSec Conference Worldwide, held on Thursday, July 27 at the Wyndham Grand Pittsburgh Downtown.
(ISC)2 Pittsburgh is a proud partner of this event & for a limited time has secured Exclusive Complimentary Admission for our network!
Register with code ISC2PITT to secure your Free Pass at https://CyberSecuritySummit.com/Summit/Pittsburgh23/
Note: Admission is for C-Suite & Senior Level Executives, Directors, Managers, and other Industry Professionals or Business Leaders. Those in Sales or Marketing and Students are not permitted.
Earn up to 8 Continuing Education Credits by attending the day in full. Admission includes a catered breakfast, lunch & cocktail reception.
Robert Kaminski, Cybersecurity Advisor for Pittsburgh – Region III, CISA U.S. DHS and Steven J. Lampo, Supervisory Special Agent, FBI Pittsburgh, will lead the Opening & Closing Government Security Keynotes.
Learn from additional renowned Subject Matter Experts and thought leaders from IBM Security, Check Point Software Technologies, Darktrace, Thales and many more who will discuss the latest security threats, best cyber hygiene practices, and innovative solutions to protect your business.
You may share/forward this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event. =
For full details & to register, please visit https://CyberSecuritySummit.com/Summit/Pittsburgh23/
If you would like to exhibit and / or speak at the Cyber Security Summit, contact Tom Scaturro at Tom.Scaturro@CyberRiskAlliance.com
(ISC)2 Pittsburgh Chapter, Summer Meeting 2023
DATE: Tuesday, July 18, 2023
LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER:
Greg Touhill
NAME OF PRESENTATION:
The Future of Cybersecurity
ABSTRACT:
With the perimeter-based security model crumbling, cyber threats growing in number and potency, and cyber workforce gaps continuing to rise, what does the future of our cybersecurity look like? In this discussion, ISC2 member retired Brigadier General Greg Touhill, former Chief Information Security Officer (CISO) of the U.S. government and current CERT director at CMU’s Software Engineering Institute, will share his views of today’s cyber posture and what to expect in the future.
ZOOM INFORMATION:
Join Zoom Meeting
https://sei.zoomgov.com/j/1619307709?pwd=RTZkVTVsbytwci9SMEMxWUh6UkpYdz09&from=addon
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/294586615/
(ISC)2 Pittsburgh Chapter, Spring Meeting 2023
DATE: Tuesday, May 9, 2023
LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER: (Rescheduled to October 17th 2023)
Meeting updated as a presentation from Chris Rodman
Justin Forbes
Program Lead
Cybersecurity and Infrastructure Security Agency (CISA)
Justin Forbes currently leads the Critical Product Evaluation service at CISA. He conducts security assessments on hardware devices in use within the Federal government and Critical Infrastructure providers.
NAME OF PRESENTATION:
CISA Services
ABSTRACT:
A presentation and discussion on the multitude of Services and Resources that CISA offers.
ZOOM INFORMATION:
Join Zoom Meeting
https://sei.zoomgov.com/j/1613904276?pwd=SjV2TmVZOXZVTHQwZjA5cnhrRWhhQT09&from=addon
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/292966317/
———————————————————————
(ISC)2 Pittsburgh Chapter, Winter Meeting 2023
DATE: Tuesday, January 24, 2023
LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below
TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
PRESENTER:
Dominic Ross
Tech Lead for the Cyber Workforce Development Broadcast Media
SEI
Dominic Ross is the broadcast media team lead at the SEI where his work focuses on focuses on multimedia research and transformative gamification. In that role, he designs and engineers production studios and systems used to acquire training, conferences, webinars, and broadcast video used by the federal cybersecurity workforce, Carnegie Mellon University, and the SEI. Prior to joining the SEI, Ross worked in multiple roles in multimedia production and has experience as a digital media FX artist, editor, broadcast television technical director, production manager, and engineer.
NAME OF PRESENTATION:
Deepfakes
ABSTRACT:
A presentation and discussion on deepfakes, their exponential growth in recent years, and their increasing technical sophistication and realism.
Attendees will learn:
• the definition of deepfake
• fooling computers vs. fooling people
• how digital fingerprints are used in detection algorithms
• challenges in the field
ZOOM INFORMATION:
Join Zoom Meeting
https://sei.zoomgov.com/j/1602228360?pwd=cVg4ZVJwcDIzU2dKVS95b3pjaDhWUT09&from=addon
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/290912445
____________________________________________________
Complimentary Admission to 3rd Annual Official Cyber Security Summit Nov 4
Learn how to protect yourself & your business from becoming a victim of cybercrimeJoin us for the region’s 3rd Annual Official Columbus Cyber Security Summit, rated Top 5 InfoSec Conference Worldwide, held This Friday – November 4th, 2022.
ISC2 Pittsburgh is a proud partner of this event & has secured Exclusive Complimentary Admission for our network!
Register with code ISC2PITT to secure your Free Pass at https://CyberSecuritySummit.com/summit/Columbus22/
Attend onsite at the Renaissance Columbus Downtown Hotel to network & engage with colleagues and Industry Experts face-to-face. You will also enjoy a catered breakfast, lunch & cocktail reception.
If you cannot attend in person, you may register to attend virtually.
Earn up to 8 Continuing Education Credits by attending the day in full.
Adam Lawson, Supervisory Special Agent for The FBI Cincinnati/Columbus Office will be leading the Keynote and Terence Check, Senior Counsel – International Law & Infrastructure Security, Office of the Chief Counsel, CISA, U.S. DHS will be the closing keynote – exclusively for those attending onsite!
Learn from additional Subject Matter Experts from Darktrace, IBM Security, Cisco Secure, Blackberry Cylance and many more who will discuss the latest security threats, best practices, and innovative solutions to protect your business.
Please note: Admission is for C-Suite/Senior Level Executives, Directors, Managers, and other IT/Cyber Professionals and Business Owners/Leaders. Those in Sales / Marketing and Students are not permitted.
You are welcome to share this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event.
For event details, visit https://CyberSecuritySummit.com/summit/Columbus22/
If you would like to exhibit and / or speak at the Cyber Security Summit, contact Megan Hutton at MHutton@CyberSecuritySummit.com.
___________________________________________
(ISC)2 Pittsburgh Chapter, Fall Meeting 2022
DATE: Tuesday, October 18, 2022
LOCATION:
Online Virtual Meeting – Zoom Link below
TIME:
Presentation Begins: 7:00pm
PRESENTER:
Jon Zeolla
CTO and Co-Founder
Seiso LLC
Jon leads the development of all Seiso services, primarily focused on Simple yet effective solutions for highly complex environments like Kubernetes and cloud-native applications.
NAME OF PRESENTATION:
Introduction to the Cloud Native Security Controls Catalog
ABSTRACT:
The CNCF Security Technical Advisory Group (“Security TAG”) has provided a wealth of information to assist organizations in the planning and design of secure cloud native systems, including the Cloud Native Security Whitepaper (CNSWP) and the Software Supply Chain Best Practices Paper (SSCP). Organizations would like to self-assess their company’s alignment with these materials in a clear, concrete way, such as via checklists or automation.
Recently the team has developed the Cloud Native Security Controls Catalog (“Controls Catalog”) and completed the first phase of the project which provides a discrete list of the recommendations referenced in those whitepapers, with additional implementation information and a best-effort mapping of these controls to NIST SP 800-53r5. This effort is designed to complement and leverage, but not replace, existing industry accepted frameworks and assessment language.
Jon will discuss the process and impact of the project and how it relates to the industry.
ZOOM INFORMATION:
Join Zoom Meeting
https://sei.zoomgov.com/j/1605964755?pwd=RFdQMUNJMEdGT2JVTkY2RXBUcmgxZz09&from=addon
MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/288915721
___________________________________________
(ISC)2 Pittsburgh Chapter, Spring Meeting 2022
DATE: Tuesday, July 26, 2022
LOCATION:
Online Virtual Meeting – Zoom Link below
TIME:
Presentation Begins: 7:00pm
PRESENTERS:
Brian Benestelli
Cybersecurity Engineer
Carnegie Mellon University | SEI CERT
Brian currently leads SEI CERT’s support to the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (DOE CESER). CERT’s role in this partnership is to provide technical guidance for the Cybersecurity Capability Maturity Model (C2M2) Program and other CESER initiatives.
The C2M2 has been developed through a public-private partnership with the Energy sector and provides users with a repeatable way to measure the maturity of their cybersecurity capabilities. As a member of a collaborative team, Brian leverages his technical knowledge and past project management experience to help DOE CESER advance the C2M2 Program to address the latest threats to the Energy sector.
NAME OF PRESENTATION:
Cybersecurity Capability Maturity Model (C2M2)
ABSTRACT:
The Department of Energy just recently released a new version of the Cybersecurity Capability Maturity Model (C2M2). Join this presentation to learn more about maturity models and how the C2M2 can be used to help your organization.
ZOOM INFORMATION:
https://sei.zoomgov.com/j/1603587376?pwd=dnN3Wm55MnhRc0k0UnljMmxVM3VoUT09&from=addon
https://www.meetup.com/isc-pittsburgh-chapter/events/287080901
_______
(ISC)2 Pittsburgh Chapter, Spring Meeting 2022
DATE: Tuesday, April 26, 2022
LOCATION:
Online Virtual Meeting – Zoom Link below
TIME:
Presentation Begins: 7:00pm
PRESENTERS:
Chris Mansour, Ph.D.
Asst. Prof. of Cyber Security
Mercyhurst University
NAME OF PRESENTATION:
ICS Security and why ICS Security matters + Student Presentations
ABSTRACT:
Mercyhurst University’s Cyber Security bachelor’s program is one of the first stand-alone programs in the nation to follow both of these guidelines. Already home to one of the nation’s most respected Intelligence Studies programs, Mercyhurst is now able to leverage our experience, faculty expertise, cutting-edge resources and industry connections to provide an unparalleled cyber education at the undergraduate level.
Chris Mansour will discuss Mercyhurst University’s Cyber Security Program and Industrial Control Systems supporting critical infrastructure and the importance of why we should care about ICS security.
https://www.mercyhurst.edu/academics/cyber-security
ZOOM INFORMATION:
TBD
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/284892224
————————————————
CISOs of J&J, Optum/UnitedHealth and More Discuss Latest Cyber Threats at Virtual Healthcare & Pharma Summit March 1
Private Health Data is estimated to be worth 10 – 20 times the value of financial data on the Dark Web, making healthcare organizations a prime target of cyberattacks.
That being said, (ISC)2 Pittsburgh is proud to be a partner of the upcoming Virtual Official Cyber Healthcare & Pharma Summit on Tues., March 1.
We have secured Exclusive Complimentary Admission for those within our network who are executives in healthcare, medicine, or pharma responsible for their company’s critical data and infrastructure.
Those who qualify may register with code ISC2PITT to secure FREE Virtual Admission (regularly $95) at https://CyberSecuritySummit.com/Summit/Healthcare-East/
Renowned Industry Experts such as the Deputy Director of the U.S. DHS Cybersecurity and Infrastructure Security Agency (CISA), CISOs of Johnson & Johnson and Eli Lilly & Co, Head of IT for Merck, and many more will discuss the latest cyber threat landscape and challenges facing the healthcare industry and offer their insight & recommendations on how to protect your organization and its critical data and infrastructure.
Earn up to 8 Continuing Education Credits with full day attendance!
Please note: This Summit is designed exclusively for healthcare, medicine, and pharma professionals. Those in Sales / Marketing and Students are not permitted.
Please share this invitation with your industry colleagues who qualify to attend so that they may also join us.
For event details, visit https://CyberSecuritySummit.com/Summit/Healthcare-East/
If you would like to exhibit and / or speak at the Cyber Security Summit, contact Megan Hutton at MHutton@CyberSecuritySummit.com.
————————————————
CISSP Study Group 2022
How long has getting the CISSP been sitting on your bucket list? Make this the year!
ICS2 Pittsburgh is proud to sponsor student run CISSP study sessions. We will hold a the first study session on Monday, March 7, 2022 at 7pm EDT to kick off our new series of events. We expect to cover all domain material in about 10 weeks so go ahead and commit to a test today before the end of 2022.
During our initial session, we will determine what day of the week works best for the majority of individuals, you can ask questions of former ICS2 Pittsburgh Students that went on to get their CISSP and see if these sessions are right for you. All sessions will be held virtually on Google Meet. During the initial meeting, we will determine the day of the week that is best for the majority of individuals.
Feel free to email Anna Cotter with any questions or to register and get your meeting invite at:
cisspstudypittsburgh@gmail.com
We are looking for both students as well as mentors that currently hold a CISSP. You do not need to be from Pittsburgh or a chapter member to participate. Although we do ask that the study sessions are run by students each week. Students will have the opportunity to work with a mentor to develop their materials.
We look forward to meeting you!
(ISC)2 Pittsburgh Chapter, Winter Meeting 2022
DATE: Tuesday, January 25, 2022
LOCATION:
Online Virtual Meeting – Zoom Link below
TIME:
Presentation Begins: 7:00pm
PRESENTERS:
Mackenzie Monarko
Special Agent – Private Sector Coordinator
FBI Pittsburgh
NAME OF PRESENTATION:
How Infragard Relates to You and Your Organization
ABSTRACT:
InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats. InfraGard’s membership includes: business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia and state and local law enforcement—all dedicated to contributing industry-specific insight and advancing national security.
Special Agent Mackenzie Monarko will discuss updates and changes to Infraguard and how it relates to private sector organizations.
ZOOM INFORMATION:
https://cmu.zoom.us/j/99090110581?pwd=UWlYbENQNDBEbUtSR2NnVjhtbnVMQT09
Meeting ID: 990 9011 0581
Passcode: 195664
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/283242301/
(ISC)2 Pittsburgh Chapter, Fall Meeting 2021
Date: Tuesday, October 26, 2021
Location:
Online Virtual Meeting
Zoom Link: https://sei.zoomgov.com/j/1613913512?pwd=YkM1RzBRdWFjMElOdWlXb0VLcEJuZz09&from=addon
Time:
7:00pm EST
PRESENTER:
Adam Rauf
Associate Cyber Security, S-RM
NAME OF PRESENTATION:
Defense Wins Championships: How to use Sim-Ex to improve your security posture
ABSTRACT:
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/280756969/
(ISC)2 Pittsburgh Chapter, Summer Meeting 2021
Date: Tuesday, July 27, 2021
Location:
Online Virtual Meeting
Zoom Link: Available once you RSVP
Passcode: 855922
Time:
7:00pm EST
PRESENTER:
Jaime Ponicki
Associate Cybersecurity Engineer, Bayer Pharmaceuticals
NAME OF PRESENTATION:
Overview of recently published Vehicle Security paper “Targeted Discreditation Attack against Trust Management in Connected Vehicles”
ABSTRACT:
Vehicle-to-vehicle (V2V) communication systems in the U.S. rely on IEEE 1609.2 security protocols for message authentication using digital signatures. A key requirement for trust management in such systems is the ability to detect misbehaving vehicles, e.g., when vehicles are repeatedly forging signatures. However, this creates a new attack surface where receivers cannot determine whether the causes of signature verification failures are indeed malicious attacks. In this paper, we present our novel, open-source, USRP-based testbed and utilize it to demonstrate how a stealthy reactive jammer can exploit this vulnerability. Our novel, targeted attack is highly efficient(even given the short validity period for vehicle pseudonyms) and difficult to detect. Our experimental results show that our attack can successfully discredit a victim in prominent misbehavior detection schemes with just two minutes of jamming. Finally, we discuss the capabilities and extensibility of our testbed as well as the challenges of potential attack mitigation techniques.
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/279328557/
(ISC)2 Pittsburgh Chapter, Spring Meeting 2021
Date: Tuesday, April 27, 2021
Location:
Online Virtual Meeting
Time:
7:00pm EST
PRESENTER:
Josh Loberant
Sr. Technical Account Manager at Amazon
NAME OF PRESENTATION:
Overview of AWS Security Services and Solutions and Deep Dive into the AWS WAF.
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/277271968/
(ISC)2 Pittsburgh Winter Chapter Meeting 2020
Date: Tuesday, January 21, 2020
Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
Title: LAB: Various challenges covering Network Forensics, SCADA Security, Network Defense, and more!
Be sure to bring your laptop to participate!!
Presenters:
Brandon Grech & Jonathan Frederick
Abstract:
Attendees will be invited to try their hand at some of the challenges that were used in the 1st “President’s Cup Cyber Competition” that all Cyber Military and Federal employees were invited to take part in this past fall.
These challenges will be provided as an ISO containing various files and instructions. Analysis of the files based on the instructions will lead to a flag and we will manually verify if that is the correct one or not as we are not using the system that the participants had used.
Meeting Sponsor: Check Point
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/267818416/
(ISC)2 Pittsburgh Fall Chapter Meeting 2019
Date: Tuesday, October 22, 2019
Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
Title: Putting Out Fires Before They Start
Presenter:
Bill Lampe
Director of Technical Account Management
Tanium
Abstract:
A discussion about where we should be focusing our energy and resources in security. Most threats can be disposed of with security basic blocking and tackling, yet we get caught up in the rare complicated attacks.
Meeting Sponsor: Tanium Annual Sponsor: CyberSN
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/265516141/
(ISC)2 Pittsburgh Summer Chapter Meeting 2019
Date: Tuesday, July 23, 2019
Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
Title: Acquiring and Retaining Talent: A Proven Model
Presenter:
Deidre Diamond
CyberSN, Founder and CEO
Abstract:
The effective use of technology and processes in cybersecurity staffing can yield amazing results. Deidre Diamond will demonstrate how organizations can obtain cybersecurity talent in less than 60 days and retain them. This method combines the daily business operations of cybersecurity with a subject-matter specific common language lexicon to create teams where everyone knows their role and the roles of others, and where humans are allowed to think, feel and perceive without negative consequences.
Annual Sponsor: CyberSN
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/263010687/
(ISC)2 Pittsburgh Spring Chapter Meeting 2019
Date: Tuesday, April 23, 2019
Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
Title: From Tootsie-Pop to Honeycomb: Securing Your Network, Inside and Out
Presenter:
Joe Proie IV
CISSP, CISA, CRISC, CPT
Technology Risk Mgt (TRM) Policy Team Lead
Bank of New York Mellon
Topics Covered:
– The Biggest Myth about Cyber Security
– What is Defense-in-Depth?
– Why is perimeter security not enough?
– Myths about Security Tools
– Network Segmentation
– Cloud Computing Explained
– The Weakest Link
– Have a Plan
– What Can You Do?
Annual Sponsor: CyberSN
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/258997436/
Cyber-Tech Women’s Symposium
The (ISC)² Pittsburgh Chapter has been invited to attend and promote the upcoming and first annual Cyber-Tech Women’s Symposium at the Robert Morris University Campus on April 12th, 2019.
We hope this will be an opportunity to advance our mission in the Pittsburgh Community by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects.
If you’re interested in attending a link to the the event and registration is here.
(ISC)2 Pittsburgh Winter Chapter Meeting 2019
Date: Tuesday, January 22, 2019
Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
Title: Living off the land – Using native windows tools for blue team analysis
Presenter: Christopher Rodman, SEI
Description: Most security operations teams leverage the use of commercially available or open source tools for incident response and analysis. However in some cases a system may not have the appropriate agents installed or belong to the monitored network to allow an operator to leverage these tools. In these specific cases an analyst may need to leverage built in tools and utilities to conduct incident investigation in a timely manner. In this presentation we will review the native tools available on Windows systems to conduct root cause analysis and demonstrate how each can be of value. This talk is designed to familiarize the novice security analyst with built tools within MS-DOS and PowerShell and to incite the analyst to discover new and creative uses of these tools.
Connect | Educate | Inspire | Secure
When: Thursday, December 6, 2018- 6 PM to 9 PM
Pittsburgh Cultural Trust Arts Education Center
805 Liberty Avenue, Pittsburgh PA
https://www.meetup.com/PghCISSP/
(ISC)2 Pittsburgh Summer Chapter Meeting 2018
Date: Wednesday, August 15, 2018
Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm
Title: Hands on Lab: How to Use Multiple Security Tools within Security Onion to Actively Defend your Cyber Key Terrain. (bring your laptops!)
Presenter: Brandon Grech, SEI
Description: This hands-on training will showcase step-by-step guides and realistic scenarios on how to utilize Elastic Stack (Elasticsearch, Logstash, and Kibana), NetworkMiner, Grassmarlin, and other security tools within the newest release of Security Onion and additional open-source resources on various realistic networks (e.g., small-scale, global-scale, ICS/SCADA, etc.)
Sponsor: 
https://www.meetup.com/ISC-Pittsburgh-Chapter/events/252906457/
The (ISC)² Pittsburgh Chapter has been invited to attend the upcoming Data Connectors event ‘Pittsburgh Cybersecurity Conference 2018’, on Thursday August 16th.
We hope this will be an opportunity to advance our mission in the Pittsburgh Community by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects.
If you’re interested in attending a registration link for the event is here.
If you already plan to be there, stop by our booth and say hi!
Pittsburgh Cybersecurity Conference 2018
Data Connectors
Thursday, August 16, 2018 from 8:00 AM to 5:00 PM (EDT)
Mars, PA
Date: Wednesday April 11, 2018
Time: 5:30pm-7:30pm
Title: Hands on Lab: BGP Routing and Attacks (bring your laptops!)
Description: This course is intended to teach students the fundamentals of routing (both static and dynamic) as well as filtering traffic with iptables. Students will become familiar with configuring routers based on Alpine Linux and Quagga routing software. Step-by-step lab directions will be provided as well as a brief lecture covering each lab topic.
Objectives:
- Understand and configure static routing
- Understand network address translation (NAT) with iptables
- Filter traffic with iptables
- Configure dynamic routing with OSPF
- Configure dynamic routing with BGP
- Understand and practice BGP route hijacking
Presenter: Bill Reed, of SEI
Sponsor: Palo Alto Networks
Title: Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations
Presenter: Chris Seiders, Security Analyst, University of Pittsburgh, Computing Services and Systems Development (video) (slides)
Description: NIST Special Publication 800-171 “Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations”
What it is and how you may be impacted.
Sponsor: Optiv
Title: How to Beat Evasive Malware at Its Own Game
Presenter: Lenny Zeltser, VP of Products, Minerva Labs (presenting remotely)
Slides available for members only at the presenter’s request via isc2pghchapter@gmail.com
Wednesday, November 15, 2017
Time: 5:30pm-7:30pm
Developing sophisticated attacks takes time and requires heavy investment. Attackers safeguard their methods by designing malicious software to remain unnoticed by security tools for as long as possible. This educational session discusses some of the common evasive techniques that malware authors incorporate into their creations. Moreover, it proposes several innovative approaches for turning such capabilities against malware to defend endpoints, turning adversaries ‘ strengths into weaknesses.
You’ll learn about:
Common evasive techniques used by malware authors to bypass security defenses.
Ideas for exploiting evasive capabilities of such threats to give defenders an advantage over adversaries.
Free, proof-of-concept tools that demonstrate the effectiveness (and sometimes limitations) of such defensive techniques.
Attend this session to learn how evasive malware achieves its objectives and to consider methods for defending against such threats without relying on signatures, behavioral patterns or machine learning models.
About Lenny Zeltser
Lenny is a senior faculty member at SANS Institute and VP of Products at Minerva Labs. Earlier in his career, Lenny served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
Sponsor: Minerva Labs
Title: Hands on Scripting lab with PowerShell and Python (bring a laptop)
Presenter: Joshua Acklin, Cyber Security Engineer, CERT (video)(slides )
Description: Introduction and completion of these labs.
Wednesday, August 23, 2017 – (ISC)2 Pittsburgh Chapter
Time: 5:30pm-8:30pm
Packet Capture Analysis with Python
This lab covers Python 2.7 and all content will revolve around the most recent version of Python 2.7. Students will walk through a basic Python guide and upon completion will create a simple Python application that identifies Unique IP addresses within a Packet Capture(pcap). Utilizing the Lab guide students will create a Python class with functions that sift through a large pcap, identify IP addresses, compare IP addresses with known IP address and make logical decisions on adding an IP address to a Python data structure.
Network Flow Analysis with Python
This lab is a continuation of Packet Capture Analysis with Python. In this lab, students will be provided a Python script skeleton: PacketSniffer to create a custom passive network flow analysis application. Using a Python library pyshark Students will create Python Objects to analyze network flow. Upon completion of PacketSniffer Students will monitor a probe within an adversaries network to identify IP addresses, ports, protocols, and anomalous behavior.
Host Intrusion Detection with Powershell
This lab is a continuation of Windows Filesystem Scanning with PowerShell. In this lab, students will be provided a PowerShell script skeleton: PowerHids to create a custom Host Intrusion Detection System. PowerHids will create a Window’s system baseline and a periodic monitoring check against the baseline. The Windows Systems Students are expected to monitor are, File System, Windows Registry, Network, and Running Processes. Upon completion of the PowerHids Script students will monitor a Windows system and identify changes.
Windows Filesystem Scanning with PowerShell
This lab introduces the fundamental basis for creating scripts in PowerShell. In this lab, you will learn some of the key aspects of PowerShell, how to traverse through a windows system identifying Key Terrain Cyber, and identifying system that have been manipulated within a Windows System. Key concepts that will be explained include the purpose of PowerShell, the use of PowerShell’s programming paradigm to create effective scripts, the four core aspects within a Windows system (network, processes, files, and the registry). On the conclusion of this module will understand the concepts and the development of a script to traverse a Windows File System creating an effective baseline in which to compare against.
High School Cyber Security Competition
75 students attended the 2017 STEM outreach program this summer, which was sponsored by The Software Engineering Institute’s CERT Division and the Pittsburgh Chapter of (ISC)2.
Alert Orchestration, presented by Luis Guzman
How to enrich alerts and deliver information to make a programmatic or human-aided decision.
Date: Tuesday, May 23rd
Time: 5:30 – 7:30 pm
Sponsor: Ethical Intruder (presentation)
Presenter: Luis Guzman (presentation)
Hands on Wireless Pen testing in an all virtual training environment .
Date: Wednesday, March 8th
Time: 5:30 – 7:30 pm
Presenter: Adam Welle, CERT
Sponsor: Anomali
ISC2 Pittsburgh Networking Event
As the snow starts falling, it’s that time of year. ISC2 Pittsburgh will host its first annual networking event this December 7th at the Allegheny Harvard Yale Princeton Club.
Our goal is to bring together Western Pennsylvania’s information security community in a laid back environment to get to know our group as well as each other. We have patterned this social after several others across the country and hope to make this event a great success.
We will take care of the appetizers and non-alcoholic beverages. A cash bar will be available for those looking to have beer and wine. In other words, attendance is free!
We encourage folks from ISC2, ISSA, Infragard, Steel City Infosec, OWASP, SEI and anyone else who is in any way associated with information security in Pittsburgh or those who would just like to get to know us better to attend. We welcome people from college students to CISOs and anyone in between!
The official information for the event is listed below. We strongly prefer that you register in advance if you plan on attending.
Date: Wednesday, December 7th 2016
Time: 6-9 pm
Location: Allegheny Harvard Yale Princeton Club, 619 William Penn Place,Pittsburgh, PA 15219
The event is generously sponsored by Gigamon, F5, Imperva, Cyber-Ark, and LogRhythm. Many thanks for their support.
Tuesday October 11, 2016 @ 6pm- ISC2 Chapter meetup. Dan Denne will be discussing strategies to pass the new CISSP exam. Dan recently passed the exam. Food will be served. Thanks go out to our sponsor Cigital. Expect an e-vite soon. All are welcome, certified or not!
Location: NCFTA
Wednesday, July 18-20, 2016 – The Software Engineering Institute’s CERT Division and (ISC)²® Pittsburgh Chapter’s High School Cyber Security Competition at Carnegie Mellon University
9:00AM – 4:00PM ET
Location: Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213
Wednesday, June 1, 2016, 5:30 p.m. – (ISC)2 Pittsburgh Chapter – CERT’s Security Board game “Three Envelopes”
Location: Microsoft Pittsburgh Office
Wednesday, March 23, 2016 – (ISC)2 Pittsburgh Chapter – Main Talk- Summer Fowler, Technical Director, Cybersecurity Risk & Resilience at CERT
Lighting talks
–Sid Faber – The CERT Network Security Monitoring Suite (install and config pdfs)
–Chad White- InfoSec Summit (ISSA) Columbus
–Allen Howard- Wireless Security
–Dan Denne- Red Forests
–Diane Planton & Ryan Sydlik- Meta-Directories and Identity Access Management
6:00PM – 8:30PM ET
Location: Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213
Tuesday, December 15, 2015 – (ISC)2 Pittsburgh Chapter – Find the Adversaries Artifacts! Hands-on Forensic Exercises.
Please join us for newly created hands-on forensics exercises in The CERT Simulation, Training, and Exercise Platform (STEPfwd) Virtual Platform. Find the adversaries artifacts!
5:00PM – 8:30PM ET
Wednesday, September 16, 2015 – (ISC)2 Pittsburgh Chapter – Blackhat / Defcon Speaker Ken Westin,
Operationalizing Threat Intelligence: How to Develop and Apply a Threat Intelligence Program
Please join us for Backhat / Defcon speaker Ken Westin. The topic will be Operationalizing Threat Intelligence: How to Develop and Apply a Threat Intelligence Program.
The talk will be followed by security table topics and discussion by our members. Some topics: Governance, Risk management and Compliance software (GRC), What’s new in Crypto & NIST FIPS 202/SHA-3, Device hacking and finding developer backdoors, What’s new in network security, An interesting security story and NoSQL security logging and mobile forensics.
5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213
Great job teens, the teachers were very impressed with your passion and how quickly you learned the security material, nice work!
Article:
http://sei.cmu.edu/news/article.cfm?assetID=442405&article=218&year=2015
July 27-29, 2015, 8:30 a.m. – 5 p.m. – High School Cyber Security Competition
High School students join the blue team this summer! Learn how to defend a virtual network against live attacks using open source tools such as Snort! Sponsored by CERT (cert.org) and ISC2 Pittsburgh (http://www.isc2chapter-pittsburgh.com).
The Pittsburgh Chapter is banding together with CERT.org to fill a gap in teen education today, to help develop the next generation of cybersecurity professional. This event will provide high school teens with an opportunity they may never get otherwise.
Where: Collaborative Innovation Center, Carnegie Mellon University4720 Forbes AvePittsburgh, PA 15213Cost: Free entrance (Street parking not included)Prize: 1st place prize $500 Student registration: http://goo.gl/v76Pr2 (limit 24)
Vendor sponsor: Accuvant, and @layer427expert
Wednesday, May 20, 2015 – (ISC)2 Pittsburgh Chapter – Race The Clock, Security Escape Room (bring your own laptop)
Escape rooms are a form of puzzle game where willing participants will be locked within a room with a specific scenario according to a respective theme (i.e. a laboratory, a jail cell, etc), either alone or alongside a team of individuals, to solve a plethora of puzzles and riddles using the elements found inside the room to attempt to escape within a certain amount of time.
In our version, the room is a virtual lab containing one or more virtual systems. The theme is a certain skill set or competency in the IT or computer security fields (i.e. networking, forensics, programming, etc). Instead of simply trying to escape, the end result the player hopes to achieve is discerning a final piece of information, and must work through a set of tasks and puzzles to discern this information. The player will have available or must unlock, the tools, information, and clues necessary to reach the final piece of information at the end of each challenge.
Chris Herr “Video Games as a Training Tool to Prepare the Next Generation of Cyber Warriors“
5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University4720 Forbes AvePittsburgh, PA 15213
Tuesday, January 13, 2015 – (ISC)2 Pittsburgh Chapter – Cyber Range
Join The Blue Team for hands-on exercises to defend a virtualized cyber range sponsored by CERT and ISC2 Pittsburgh Chapter. Use your defense skills against attacks, using open source tools, such as Nagios and Snort this winter. All Skill levels are welcome.
5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213
Agenda:
Chapter updates
Cyber Range