Events

(ISC)2 Pittsburgh Chapter, Winter Meeting 2024

DATE: Tuesday, January 23, 2024

LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below

TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

PRESENTER:
Steph Saunders
Senior Security Consultant
TrustedSec

Steph Saunders (CEH, CPT, CMMC-RP) is a cyber security expert with over 10 years of experience working mainly in retail, critical manufacturing and other IT organizations. She is also on the Board of Directors for InfraGard Pittsburgh, and volunteers with a number of organizations to share her experiences and mentor those who want to get involved in Cyber Security.

NAME OF PRESENTATION:
Bridging the Gap

ABSTRACT:
A presentation and discussion on the bridging new requirements from PCI 4.0, ISO, NIST to a GRC Program.

ZOOM INFORMATION:
Join Zoom Meeting
Please register to receive the Zoom Information

MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/298432981

______________________________________________

Archived Events


(ISC)2 Pittsburgh Chapter, Fall Meeting 2023

DATE: Tuesday, October 17, 2023

LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below

TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

PRESENTER:
Justin Forbes
Program Lead
Cybersecurity and Infrastructure Security Agency (CISA)

Justin Forbes currently leads the Critical Product Evaluation service at CISA. He conducts security assessments on hardware devices in use within the Federal government and Critical Infrastructure providers.

NAME OF PRESENTATION:
CISA Services

ABSTRACT:
A presentation and discussion on the multitude of Services and Resources that CISA offers.

ZOOM INFORMATION:
Join Zoom Meeting

https://sei.zoomgov.com/j/1617818889?pwd=RnRpdTFwZmdqT2RKNmdsRkxUZHl4UT09&from=addon

MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/296458170

______________________________________________

Complimentary Admission to Official Pittsburgh Cyber Security Summit Ft. FBI & US DHS July 27

Learn how to protect yourself & your business from becoming a victim of cybercrime.

Join us for the Inaugural Official Pittsburgh Cyber Security Summit, rated Top 5 InfoSec Conference Worldwide, held on Thursday, July 27 at the Wyndham Grand Pittsburgh Downtown.

(ISC)2 Pittsburgh is a proud partner of this event & for a limited time has secured Exclusive Complimentary Admission for our network!

Register with code ISC2PITT to secure your Free Pass at https://CyberSecuritySummit.com/Summit/Pittsburgh23/

Note: Admission is for C-Suite & Senior Level Executives, Directors, Managers, and other Industry Professionals or Business Leaders. Those in Sales or Marketing and Students are not permitted.

Earn up to 8 Continuing Education Credits by attending the day in full. Admission includes a catered breakfast, lunch & cocktail reception.

Robert Kaminski, Cybersecurity Advisor for Pittsburgh – Region III, CISA U.S. DHS and Steven J. Lampo, Supervisory Special Agent, FBI Pittsburgh, will lead the Opening & Closing Government Security Keynotes.

Learn from additional renowned Subject Matter Experts and thought leaders from IBM Security, Check Point Software Technologies, Darktrace, Thales and many more who will discuss the latest security threats, best cyber hygiene practices, and innovative solutions to protect your business.

You may share/forward this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event. =

For full details & to register, please visit https://CyberSecuritySummit.com/Summit/Pittsburgh23/

If you would like to exhibit and / or speak at the Cyber Security Summit, contact Tom Scaturro at Tom.Scaturro@CyberRiskAlliance.com

(ISC)2 Pittsburgh Chapter, Summer Meeting 2023

DATE: Tuesday, July 18, 2023

LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below

TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

PRESENTER:
Greg Touhill

NAME OF PRESENTATION:
The Future of Cybersecurity

ABSTRACT:
With the perimeter-based security model crumbling, cyber threats growing in number and potency, and cyber workforce gaps continuing to rise, what does the future of our cybersecurity look like? In this discussion, ISC2 member retired Brigadier General Greg Touhill, former Chief Information Security Officer (CISO) of the U.S. government and current CERT director at CMU’s Software Engineering Institute, will share his views of today’s cyber posture and what to expect in the future.

ZOOM INFORMATION:
Join Zoom Meeting

https://sei.zoomgov.com/j/1619307709?pwd=RTZkVTVsbytwci9SMEMxWUh6UkpYdz09&from=addon

MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/294586615/


(ISC)2 Pittsburgh Chapter, Spring Meeting 2023

DATE: Tuesday, May 9, 2023

LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below

TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

PRESENTER: (Rescheduled to October 17th 2023)

Meeting updated as a presentation from  Chris Rodman
Justin Forbes
Program Lead
Cybersecurity and Infrastructure Security Agency (CISA)

Justin Forbes currently leads the Critical Product Evaluation service at CISA. He conducts security assessments on hardware devices in use within the Federal government and Critical Infrastructure providers.

NAME OF PRESENTATION:
CISA Services

ABSTRACT:
A presentation and discussion on the multitude of Services and Resources that CISA offers.

ZOOM INFORMATION:
Join Zoom Meeting

https://sei.zoomgov.com/j/1613904276?pwd=SjV2TmVZOXZVTHQwZjA5cnhrRWhhQT09&from=addon

MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/292966317/


———————————————————————

(ISC)2 Pittsburgh Chapter, Winter Meeting 2023

DATE: Tuesday, January 24, 2023

LOCATION: Both In-Persona and Online
Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA
Online Virtual Meeting – Zoom Link below

TIME:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

PRESENTER:
Dominic Ross
Tech Lead for the Cyber Workforce Development Broadcast Media
SEI

Dominic Ross is the broadcast media team lead at the SEI where his work focuses on focuses on multimedia research and transformative gamification. In that role, he designs and engineers production studios and systems used to acquire training, conferences, webinars, and broadcast video used by the federal cybersecurity workforce, Carnegie Mellon University, and the SEI. Prior to joining the SEI, Ross worked in multiple roles in multimedia production and has experience as a digital media FX artist, editor, broadcast television technical director, production manager, and engineer.

NAME OF PRESENTATION:
Deepfakes

ABSTRACT:
A presentation and discussion on deepfakes, their exponential growth in recent years, and their increasing technical sophistication and realism.

Attendees will learn:
• the definition of deepfake
• fooling computers vs. fooling people
• how digital fingerprints are used in detection algorithms
• challenges in the field

ZOOM INFORMATION:
Join Zoom Meeting

https://sei.zoomgov.com/j/1602228360?pwd=cVg4ZVJwcDIzU2dKVS95b3pjaDhWUT09&from=addon

MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/290912445

____________________________________________________

Complimentary Admission to 3rd Annual Official Cyber Security Summit Nov 4

Learn how to protect yourself & your business from becoming a victim of cybercrimeJoin us for the region’s 3rd Annual Official Columbus Cyber Security Summit, rated Top 5 InfoSec Conference Worldwide, held This Friday – November 4th, 2022.

ISC2 Pittsburgh is a proud partner of this event & has secured Exclusive Complimentary Admission for our network!

Register with code ISC2PITT to secure your Free Pass at https://CyberSecuritySummit.com/summit/Columbus22/

Attend onsite at the Renaissance Columbus Downtown Hotel to network & engage with colleagues and Industry Experts face-to-face. You will also enjoy a catered breakfast, lunch & cocktail reception.

If you cannot attend in person, you may register to attend virtually.

Earn up to 8 Continuing Education Credits by attending the day in full.

Adam LawsonSupervisory Special Agent for The FBI Cincinnati/Columbus Office will be leading the Keynote and Terence Check, Senior Counsel –  International Law & Infrastructure Security, Office of the Chief Counsel, CISA, U.S. DHS will be the closing keynote – exclusively for those attending onsite!

Learn from additional Subject Matter Experts from Darktrace, IBM Security, Cisco Secure, Blackberry Cylance and many more who will discuss the latest security threats, best practices, and innovative solutions to protect your business.

Please note: Admission is for C-Suite/Senior Level Executives, Directors, Managers, and other IT/Cyber Professionals and Business Owners/Leaders. Those in Sales / Marketing and Students are not permitted.

You are welcome to share this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event.

For event details, visit https://CyberSecuritySummit.com/summit/Columbus22/

If you would like to exhibit and / or speak at the Cyber Security Summit, contact Megan Hutton at MHutton@CyberSecuritySummit.com.

Poster of Event___________________________________________

(ISC)2 Pittsburgh Chapter, Fall Meeting 2022

DATE: Tuesday, October 18, 2022

LOCATION:
Online Virtual Meeting – Zoom Link below

TIME:
Presentation Begins: 7:00pm

PRESENTER:
Jon Zeolla
CTO and Co-Founder
Seiso LLC

Jon leads the development of all Seiso services, primarily focused on Simple yet effective solutions for highly complex environments like Kubernetes and cloud-native applications.

NAME OF PRESENTATION:
Introduction to the Cloud Native Security Controls Catalog

ABSTRACT:
The CNCF Security Technical Advisory Group (“Security TAG”) has provided a wealth of information to assist organizations in the planning and design of secure cloud native systems, including the Cloud Native Security Whitepaper (CNSWP) and the Software Supply Chain Best Practices Paper (SSCP). Organizations would like to self-assess their company’s alignment with these materials in a clear, concrete way, such as via checklists or automation.
Recently the team has developed the Cloud Native Security Controls Catalog (“Controls Catalog”) and completed the first phase of the project which provides a discrete list of the recommendations referenced in those whitepapers, with additional implementation information and a best-effort mapping of these controls to NIST SP 800-53r5. This effort is designed to complement and leverage, but not replace, existing industry accepted frameworks and assessment language.
Jon will discuss the process and impact of the project and how it relates to the industry.

ZOOM INFORMATION:
Join Zoom Meeting
https://sei.zoomgov.com/j/1605964755?pwd=RFdQMUNJMEdGT2JVTkY2RXBUcmgxZz09&from=addon

MEETUP:
https://www.meetup.com/isc-pittsburgh-chapter/events/288915721

___________________________________________

(ISC)2 Pittsburgh Chapter, Spring Meeting 2022

DATE: Tuesday, July 26, 2022

LOCATION:
Online Virtual Meeting – Zoom Link below

TIME:
Presentation Begins: 7:00pm

PRESENTERS:
Brian Benestelli
Cybersecurity Engineer
Carnegie Mellon University | SEI CERT

Brian currently leads SEI CERT’s support to the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (DOE CESER). CERT’s role in this partnership is to provide technical guidance for the Cybersecurity Capability Maturity Model (C2M2) Program and other CESER initiatives.

The C2M2 has been developed through a public-private partnership with the Energy sector and provides users with a repeatable way to measure the maturity of their cybersecurity capabilities. As a member of a collaborative team, Brian leverages his technical knowledge and past project management experience to help DOE CESER advance the C2M2 Program to address the latest threats to the Energy sector.

NAME OF PRESENTATION:
Cybersecurity Capability Maturity Model (C2M2)

ABSTRACT:
The Department of Energy just recently released a new version of the Cybersecurity Capability Maturity Model (C2M2). Join this presentation to learn more about maturity models and how the C2M2 can be used to help your organization.

ZOOM INFORMATION:
https://sei.zoomgov.com/j/1603587376?pwd=dnN3Wm55MnhRc0k0UnljMmxVM3VoUT09&from=addon

https://www.meetup.com/isc-pittsburgh-chapter/events/287080901

_______

(ISC)2 Pittsburgh Chapter, Spring Meeting 2022

DATE: Tuesday, April 26, 2022

LOCATION:
Online Virtual Meeting – Zoom Link below

TIME:
Presentation Begins: 7:00pm

PRESENTERS:
Chris Mansour, Ph.D.
Asst. Prof. of Cyber Security
Mercyhurst University

NAME OF PRESENTATION:
ICS Security and why ICS Security matters + Student Presentations

ABSTRACT:
Mercyhurst University’s Cyber Security bachelor’s program is one of the first stand-alone programs in the nation to follow both of these guidelines. Already home to one of the nation’s most respected Intelligence Studies programs, Mercyhurst is now able to leverage our experience, faculty expertise, cutting-edge resources and industry connections to provide an unparalleled cyber education at the undergraduate level.

Chris Mansour will discuss Mercyhurst University’s Cyber Security Program and Industrial Control Systems supporting critical infrastructure and the importance of why we should care about ICS security.

https://www.mercyhurst.edu/academics/cyber-security

ZOOM INFORMATION:

TBD

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/284892224​

————————————————​

CISOs of J&J, Optum/UnitedHealth and More Discuss Latest Cyber Threats at Virtual Healthcare & Pharma Summit March 1

Private Health Data is estimated to be worth 10 – 20 times the value of financial data on the Dark Web, making healthcare organizations a prime target of cyberattacks.

That being said, (ISC)2 Pittsburgh is proud to be a partner of the upcoming Virtual Official Cyber Healthcare & Pharma Summit on Tues., March 1.

We have secured Exclusive Complimentary Admission for those within our network who are executives in healthcare, medicine, or pharma responsible for their company’s critical data and infrastructure.

Those who qualify may register with code ISC2PITT to secure FREE Virtual Admission (regularly $95) at https://CyberSecuritySummit.com/Summit/Healthcare-East/

Renowned Industry Experts such as the Deputy Director of the U.S. DHS Cybersecurity and Infrastructure Security Agency (CISA), CISOs of Johnson & Johnson and Eli Lilly & Co, Head of IT for Merck, and many more will discuss the latest cyber threat landscape and challenges facing the healthcare industry and offer their insight & recommendations on how to protect your organization and its critical data and infrastructure.

Earn up to 8 Continuing Education Credits with full day attendance!

Please note: This Summit is designed exclusively for healthcare, medicine, and pharma professionals. Those in Sales / Marketing and Students are not permitted.

Please share this invitation with your industry colleagues who qualify to attend so that they may also join us.

For event details, visit https://CyberSecuritySummit.com/Summit/Healthcare-East/

If you would like to exhibit and / or speak at the Cyber Security Summit, contact Megan Hutton at MHutton@CyberSecuritySummit.com.

————————————————

CISSP Study Group 2022

How long has getting the CISSP been sitting on your bucket list? Make this the year!

ICS2 Pittsburgh is proud to sponsor student run CISSP study sessions.  We will hold a the first study session on Monday, March 7, 2022 at 7pm EDT to kick off our new series of events. We expect to cover all domain material in about 10 weeks so go ahead and commit to a test today before the end of 2022.

During our initial session, we will determine what day of the week works best for the majority of individuals, you can ask questions of former ICS2 Pittsburgh Students that went on to get their CISSP and see if these sessions are right for you.   All sessions will be held virtually on Google Meet.  During the initial meeting, we will determine the day of the week that is best for the majority of individuals.

Feel free to email Anna Cotter with any questions or to register and get your meeting invite at:

cisspstudypittsburgh@gmail.com

We are looking for both students as well as mentors that currently hold a CISSP.  You do not need to be from Pittsburgh or a chapter member to participate.  Although we do ask that the study sessions are run by students each week.  Students will have the opportunity to work with a mentor to develop their materials.

We look forward to meeting you!


(ISC)2 Pittsburgh Chapter, Winter Meeting 2022

DATE: Tuesday, January 25, 2022

LOCATION:
Online Virtual Meeting – Zoom Link below

TIME:
Presentation Begins: 7:00pm

PRESENTERS:
Mackenzie Monarko
Special Agent – Private Sector Coordinator
FBI Pittsburgh

NAME OF PRESENTATION:
How Infragard Relates to You and Your Organization

ABSTRACT:
InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats. InfraGard’s membership includes: business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia and state and local law enforcement—all dedicated to contributing industry-specific insight and advancing national security.

Special Agent Mackenzie Monarko will discuss updates and changes to Infraguard and how it relates to private sector organizations.

https://www.infragard.org/

ZOOM INFORMATION:

https://cmu.zoom.us/j/99090110581?pwd=UWlYbENQNDBEbUtSR2NnVjhtbnVMQT09

Meeting ID: 990 9011 0581

Passcode: 195664

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/283242301/


(ISC)2 Pittsburgh Chapter, Fall Meeting 2021

Date: Tuesday, October 26, 2021

Location:
Online Virtual Meeting
Zoom Link: https://sei.zoomgov.com/j/1613913512?pwd=YkM1RzBRdWFjMElOdWlXb0VLcEJuZz09&from=addon

Time:
7:00pm EST

PRESENTER:
Adam Rauf
Associate Cyber Security, S-RM

NAME OF PRESENTATION:
Defense Wins Championships: How to use Sim-Ex to improve your security posture

ABSTRACT:

What do the best athletes do in the off-season? They practice, prepare, and conduct simulations of stressful situations so that when the real moment comes during a game, the adrenaline kicks in and they’re focused on accomplishing their goal with poise. What do organizations do when a cyber incident occurs? Most will panic and spend the next several days, weeks, or even months trying to recover and the process will repeat itself because everyone is understaffed, over budget, and underprepared for the next one.
We’re willing to practice our chosen sport or instrument, to speak publicly, or to learn a new skill so that we can improve on our abilities. Why are we so hesitant to do so within security? The best way to get better is by constantly challenging and testing yourself, and preparing for ‘The Darkest Timeline’ moments so that you can calmly address the situation if (and when) it occurs. During this session, we’ll be talking about the importance of these ‘dress rehearsals’: running through practice measures and exercises to better prepare yourself for the next big incident, and what you should be doing after each major one hereafter.
Additionally, we’ll take a look at bonuses to be gleaned from running through these simulations, which include improving your bench strength, addressing gaps in your security, and in some cases, finding additional funding to address those gaps (!!!).
Join us for a session on how you can instill this mentality into your organization and your practices.

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/280756969/


(ISC)2 Pittsburgh Chapter, Summer Meeting 2021

Date: Tuesday, July 27, 2021

Location:
Online Virtual Meeting
Zoom Link: Available once you RSVP
Passcode: 855922

Time:
7:00pm EST

PRESENTER:
Jaime Ponicki
Associate Cybersecurity Engineer, Bayer Pharmaceuticals

NAME OF PRESENTATION:
Overview of recently published Vehicle Security paper “Targeted Discreditation Attack against Trust Management in Connected Vehicles”

ABSTRACT:
Vehicle-to-vehicle (V2V) communication systems in the U.S. rely on IEEE 1609.2 security protocols for message authentication using digital signatures. A key requirement for trust management in such systems is the ability to detect misbehaving vehicles, e.g., when vehicles are repeatedly forging signatures. However, this creates a new attack surface where receivers cannot determine whether the causes of signature verification failures are indeed malicious attacks. In this paper, we present our novel, open-source, USRP-based testbed and utilize it to demonstrate how a stealthy reactive jammer can exploit this vulnerability. Our novel, targeted attack is highly efficient(even given the short validity period for vehicle pseudonyms) and difficult to detect. Our experimental results show that our attack can successfully discredit a victim in prominent misbehavior detection schemes with just two minutes of jamming. Finally, we discuss the capabilities and extensibility of our testbed as well as the challenges of potential attack mitigation techniques.

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/279328557/


(ISC)2 Pittsburgh Chapter, Spring Meeting 2021

Date: Tuesday, April 27, 2021

Location:
Online Virtual Meeting

Time:
7:00pm EST

PRESENTER:
Josh Loberant
Sr. Technical Account Manager at Amazon

NAME OF PRESENTATION:
Overview of AWS Security Services and Solutions and Deep Dive into the AWS WAF.

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/277271968/



(ISC)2 Pittsburgh Winter Chapter Meeting 2020

Date:  Tuesday, January 21, 2020

Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA

Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

Title: LAB: Various challenges covering Network Forensics, SCADA Security, Network Defense, and more!

Be sure to bring your laptop to participate!!

Presenters:
Brandon Grech & Jonathan Frederick

Abstract:

Attendees will be invited to try their hand at some of the challenges that were used in the 1st “President’s Cup Cyber Competition” that all Cyber Military and Federal employees were invited to take part in this past fall.

These challenges will be provided as an ISO containing various files and instructions. Analysis of the files based on the instructions will lead to a flag and we will manually verify if that is the correct one or not as we are not using the system that the participants had used.

Sponsors:

Meeting Sponsor: Check Point

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/267818416/


(ISC)2 Pittsburgh Fall Chapter Meeting 2019

Date:  Tuesday, October 22, 2019

Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA

Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

Title: Putting Out Fires Before They Start

Presenter:
Bill Lampe
Director of Technical Account Management
Tanium

Abstract:

A discussion about where we should be focusing our energy and resources in security. Most threats can be disposed of with security basic blocking and tackling, yet we get caught up in the rare complicated attacks.

Sponsors:

Meeting Sponsor: Tanium                                    Annual Sponsor: CyberSN

Image result for tanium                                   Image result for cybersn image

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/265516141/


(ISC)2 Pittsburgh Summer Chapter Meeting 2019

Date:  Tuesday, July 23, 2019

Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA

Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

Title: Acquiring and Retaining Talent: A Proven Model

Presenter:
Deidre Diamond
CyberSN, Founder and CEO

Abstract:

The effective use of technology and processes in cybersecurity staffing can yield amazing results. Deidre Diamond will demonstrate how organizations can obtain cybersecurity talent in less than 60 days and retain them. This method combines the daily business operations of cybersecurity with a subject-matter specific common language lexicon to create teams where everyone knows their role and the roles of others, and where humans are allowed to think, feel and perceive without negative consequences.

Sponsor:

Annual Sponsor: CyberSN

Image result for cybersn image

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/263010687/


(ISC)2 Pittsburgh Spring Chapter Meeting 2019

Date:  Tuesday, April 23, 2019

Location: Robert Mehrabian Collaborative Innovation Center
4720 Forbes Avenue, Room 1203 (CDLC), Pittsburgh, PA

Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

Title:  From Tootsie-Pop to Honeycomb: Securing Your Network, Inside and Out

Presenter:
Joe Proie IV
CISSP, CISA, CRISC, CPT
Technology Risk Mgt (TRM) Policy Team Lead
Bank of New York Mellon

Topics Covered:

– The Biggest Myth about Cyber Security
– What is Defense-in-Depth?
– Why is perimeter security not enough?
– Myths about Security Tools
– Network Segmentation
– Cloud Computing Explained
– The Weakest Link
– Have a Plan
– What Can You Do?

Sponsor:

Annual Sponsor: CyberSN

Image result for cybersn image

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/258997436/


Cyber-Tech Women’s Symposium

The (ISC)² Pittsburgh Chapter has been invited to attend and promote the upcoming and first annual Cyber-Tech Women’s Symposium  at the Robert Morris University Campus on April 12th, 2019.

We hope this will be an opportunity to advance our mission in the Pittsburgh Community by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects.

If you’re interested in attending a link to the the event and registration is here.


(ISC)2 Pittsburgh Winter Chapter Meeting 2019

Date:  Tuesday, January 22, 2019

Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

Title:  Living off the land – Using native windows tools for blue team analysis

Presenter:  Christopher Rodman, SEI

Description:  Most security operations teams leverage the use of commercially available or open source tools for incident response and analysis. However in some cases a system may not have the appropriate agents installed or belong to the monitored network to allow an operator to leverage these tools. In these specific cases an analyst may need to leverage built in tools and utilities to conduct incident investigation in a timely manner. In this presentation we will review the native tools available on Windows systems to conduct root cause analysis and demonstrate how each can be of value. This talk is designed to familiarize the novice security analyst with built tools within MS-DOS and PowerShell and to incite the analyst to discover new and creative uses of these tools.


2018 Holiday Social

Connect | Educate | Inspire | Secure

When:    Thursday, December 6, 2018- 6 PM to 9 PM
Pittsburgh Cultural Trust Arts Education Center
805 Liberty Avenue, Pittsburgh PA

RMU-TSC
RMU Top Secret Colonials

https://www.meetup.com/PghCISSP/


(ISC)2 Pittsburgh Summer Chapter Meeting 2018

Date:  Wednesday, August 15, 2018

Time:
Free Parking Starts: 5:00pm
Registration Starts: 5:30pm
Presentations Begin: 6:00pm

Title:  Hands on Lab: How to Use Multiple Security Tools within Security Onion to Actively Defend your Cyber Key Terrain. (bring your laptops!)

Presenter:  Brandon Grech, SEI

Description:  This hands-on training will showcase step-by-step guides and realistic scenarios on how to utilize Elastic Stack (Elasticsearch, Logstash, and Kibana), NetworkMiner, Grassmarlin, and other security tools within the newest release of Security Onion and additional open-source resources on various realistic networks (e.g., small-scale, global-scale, ICS/SCADA, etc.)

Sponsor:  Optiv

https://www.meetup.com/ISC-Pittsburgh-Chapter/events/252906457/


The (ISC)² Pittsburgh Chapter has been invited to attend the upcoming Data Connectors event ‘Pittsburgh Cybersecurity Conference 2018’, on Thursday August 16th.

We hope this will be an opportunity to advance our mission in the Pittsburgh Community by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects.

If you’re interested in attending a registration link for the event is here.

If you already plan to be there, stop by our booth and say hi!

Pittsburgh Cybersecurity Conference 2018
Data Connectors
Thursday, August 16, 2018 from 8:00 AM to 5:00 PM (EDT)
Mars, PA


Date: Wednesday April 11, 2018

Time: 5:30pm-7:30pm

Title: Hands on Lab: BGP Routing and Attacks (bring your laptops!)

Description: This course is intended to teach students the fundamentals of routing (both static and dynamic) as well as filtering traffic with iptables. Students will become familiar with configuring routers based on Alpine Linux and Quagga routing software. Step-by-step lab directions will be provided as well as a brief lecture covering each lab topic.

Objectives:

  • Understand and configure static routing
  • Understand network address translation (NAT) with iptables
  • Filter traffic with iptables
  • Configure dynamic routing with OSPF
  • Configure dynamic routing with BGP
  • Understand and practice BGP route hijacking

Presenter:  Bill Reed, of SEI

Sponsor: Palo Alto Networks


Title: Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations

Presenter: Chris Seiders, Security Analyst, University of Pittsburgh, Computing Services and Systems Development (video) (slides)

Description: NIST Special Publication 800-171 “Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations”

What it is and how you may be impacted.

Chris Seiders, Security Analyst, University of Pittsburgh, Computing Services and Systems Development
Chris Seiders, Security Analyst, University of Pittsburgh, Computing Services and Systems Development

Sponsor: Optiv

Dave Rogers, VP of Cloud Business Development, Optiv
Dave Rogers, VP of Cloud Business Development, Optiv

Title: How to Beat Evasive Malware at Its Own Game

Presenter: Lenny Zeltser, VP of Products, Minerva Labs (presenting  remotely)

Slides available for members only at the presenter’s request via  isc2pghchapter@gmail.com

Wednesday, November 15, 2017

Time: 5:30pm-7:30pm

Developing sophisticated attacks takes time and requires heavy investment. Attackers safeguard their methods by designing malicious software to remain unnoticed by security tools for as long as possible. This educational session discusses some of the common evasive techniques that malware authors incorporate into their creations. Moreover, it proposes several innovative approaches for turning such capabilities against malware to defend endpoints, turning adversaries ‘ strengths into weaknesses.

You’ll learn about:

Common evasive techniques used by malware authors to bypass security defenses.

Ideas for exploiting evasive capabilities of such threats to give defenders an advantage over adversaries.

Free, proof-of-concept tools that demonstrate the effectiveness (and sometimes limitations) of such defensive techniques.

Attend this session to learn how evasive malware achieves its objectives and to consider methods for defending against such threats without relying on signatures, behavioral patterns or machine learning models.

About Lenny Zeltser

Lenny is a senior faculty member at SANS Institute and VP of Products at Minerva Labs. Earlier in his career, Lenny served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.

Sponsor: Minerva Labs


Title: Hands on Scripting lab with PowerShell and Python (bring a laptop)

Presenter: Joshua Acklin, Cyber Security Engineer, CERT (video)(slides )

Description: Introduction and completion of these labs.  

Wednesday, August 23, 2017 – (ISC)2 Pittsburgh Chapter

Time: 5:30pm-8:30pm

Packet Capture Analysis with Python

This lab covers Python 2.7 and all content will revolve around the most recent version of Python 2.7. Students will walk through a basic Python guide and upon completion will create a simple Python application that identifies Unique IP addresses within a Packet Capture(pcap). Utilizing the Lab guide students will create a Python class with functions that sift through a large pcap, identify IP addresses, compare IP addresses with known IP address and make logical decisions on adding an IP address to a Python data structure.

Network Flow Analysis with Python

This lab is a continuation of Packet Capture Analysis with Python. In this lab, students will be provided a Python script skeleton: PacketSniffer to create a custom passive network flow analysis application. Using a Python library pyshark Students will create Python Objects to analyze network flow. Upon completion of PacketSniffer Students will monitor a probe within an adversaries network to identify IP addresses, ports, protocols, and anomalous behavior.

Host Intrusion Detection with Powershell

This lab is a continuation of Windows Filesystem Scanning with PowerShell. In this lab, students will be provided a PowerShell script skeleton: PowerHids to create a custom Host Intrusion Detection System. PowerHids will create a Window’s system baseline and a periodic monitoring check against the baseline. The Windows Systems Students are expected to monitor are, File System, Windows Registry, Network, and Running Processes. Upon completion of the PowerHids Script students will monitor a Windows system and identify changes.

Windows Filesystem Scanning with PowerShell

This lab introduces the fundamental basis for creating scripts in PowerShell. In this lab, you will learn some of the key aspects of PowerShell, how to traverse through a windows system identifying Key Terrain Cyber, and identifying system that have been manipulated within a Windows System. Key concepts that will be explained include the purpose of PowerShell, the use of PowerShell’s programming paradigm to create effective scripts, the four core aspects within a Windows system (network, processes, files, and the registry). On the conclusion of this module will understand the concepts and the development of a script to traverse a Windows File System creating an effective baseline in which to compare against.


High School Cyber Security Competition

75 students attended the 2017 STEM outreach program this summer, which was sponsored by The Software Engineering Institute’s CERT Division and the Pittsburgh Chapter of (ISC)2.


Alert Orchestration, presented by Luis Guzman

How to enrich alerts and deliver information to make a programmatic or human-aided decision.


Date: Tuesday, May 23rd

Time: 5:30 – 7:30 pm

Sponsor: Ethical Intruder (presentation)

Presenter: Luis Guzman  (presentation)


Hands on Wireless Pen testing in an all virtual training environment .

Date: Wednesday, March 8th

Time: 5:30 – 7:30 pm

Presenter: Adam Welle, CERT

Sponsor: Anomali


ISC2 Pittsburgh Networking Event

As the snow starts falling, it’s that time of year. ISC2 Pittsburgh will host its first annual networking event this December 7th at the Allegheny Harvard Yale Princeton Club.

Our goal is to bring together Western Pennsylvania’s information security community in a laid back environment to get to know our group as well as each other. We have patterned this social after several others across the country and hope to make this event a great success.

We will take care of the appetizers and non-alcoholic beverages. A cash bar will be available for those looking to have beer and wine. In other words, attendance is free!

We encourage folks from ISC2, ISSA, Infragard, Steel City Infosec, OWASP, SEI and anyone else who is in any way associated with information security in Pittsburgh or those who would just like to get to know us better to attend. We welcome people from college students to CISOs and anyone in between!

The official information for the event is listed below. We strongly prefer that you register in advance if you plan on attending.

Date: Wednesday, December 7th 2016

Time: 6-9 pm

Location: Allegheny Harvard Yale Princeton Club, 619 William Penn Place,Pittsburgh, PA 15219

The event is generously sponsored by Gigamon, F5, Imperva, Cyber-Ark, and LogRhythm. Many thanks for their support.


Tuesday October 11, 2016 @ 6pm-  ISC2 Chapter meetup.  Dan Denne will be discussing strategies to pass the new CISSP exam.  Dan recently passed the exam.  Food will be served. Thanks go out to our sponsor Cigital. Expect an e-vite soon. All are welcome, certified or not!

Location: NCFTA


Wednesday, July 18-20, 2016  –  The Software Engineering Institute’s CERT Division and (ISC)²® Pittsburgh Chapter’s High School Cyber Security Competition at Carnegie Mellon University

9:00AM – 4:00PM ET

Location: Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213


Wednesday, June 1, 2016, 5:30 p.m.  – (ISC)Pittsburgh Chapter – CERT’s Security Board game “Three Envelopes”

Location: Microsoft Pittsburgh Office


Wednesday, March 23, 2016  – (ISC)Pittsburgh Chapter – Main Talk- Summer Fowler, Technical Director, Cybersecurity Risk & Resilience at CERT

Lighting talks

–Sid Faber – The CERT Network Security Monitoring Suite (install and config pdfs)

Chad White-  InfoSec Summit (ISSA) Columbus

Allen Howard- Wireless Security

Dan Denne- Red Forests

Diane Planton & Ryan Sydlik- Meta-Directories and  Identity Access Management

6:00PM – 8:30PM ET

Location: Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213


Tuesday, December 15, 2015 – (ISC)Pittsburgh Chapter – Find the Adversaries Artifacts! Hands-on Forensic Exercises.

Please join us for newly created hands-on forensics exercises in The CERT Simulation, Training, and Exercise Platform (STEPfwd) Virtual Platform. Find the adversaries artifacts!

5:00PM – 8:30PM ET


Wednesday, September 16, 2015 – (ISC)Pittsburgh Chapter – Blackhat / Defcon Speaker Ken Westin,

Operationalizing Threat Intelligence: How to Develop and Apply a Threat Intelligence Program

Please join us for Backhat / Defcon speaker Ken Westin.  The topic will be Operationalizing Threat Intelligence: How to Develop and Apply a Threat Intelligence Program.

The talk will be followed by security table topics and discussion by our members. Some topics: Governance, Risk management and Compliance software (GRC),  What’s new in Crypto & NIST FIPS 202/SHA-3, Device hacking and finding developer backdoors, What’s new in network security, An interesting security story and NoSQL security logging and mobile forensics.

5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213


Great job teens, the teachers were very impressed with your passion and how quickly you learned the security material, nice work!

Article:
http://sei.cmu.edu/news/article.cfm?assetID=442405&article=218&year=2015

July 27-29, 2015, 8:30 a.m. – 5 p.m. – High School Cyber Security Competition

High School students join the blue team this summer! Learn how to defend a virtual network against live attacks using open source tools such as Snort! Sponsored by CERT (cert.org) and ISC2 Pittsburgh (http://www.isc2chapter-pittsburgh.com).

The Pittsburgh Chapter is banding together with CERT.org to fill a gap in teen education today, to help develop the next generation of cybersecurity professional. This event will provide high school teens with an opportunity they may never get otherwise.

Where: Collaborative Innovation Center, Carnegie Mellon University4720 Forbes AvePittsburgh, PA 15213Cost: Free entrance (Street parking not included)Prize: 1st place prize $500 Student registration: http://goo.gl/v76Pr2  (limit 24)

Vendor sponsor:  Accuvant, and @layer427expert


Wednesday, May 20, 2015 – (ISC)Pittsburgh Chapter – Race The Clock, Security Escape Room (bring your own laptop)

Escape rooms are a form of puzzle game where willing participants will be locked within a room with a specific scenario according to a respective theme (i.e. a laboratory, a jail cell, etc), either alone or alongside a team of individuals, to solve a plethora of puzzles and riddles using the elements found inside the room to attempt to escape within a certain amount of time.
In our version, the room is a virtual lab containing one or more virtual systems. The theme is a certain skill set or competency in the IT or computer security fields (i.e. networking, forensics, programming, etc). Instead of simply trying to escape, the end result the player hopes to achieve is discerning a final piece of information, and must work through a set of tasks and puzzles to discern this information. The player will have available or must unlock, the tools, information, and clues necessary to reach the final piece of information at the end of each challenge.


Chris Herr “Video Games as a Training Tool to Prepare the Next Generation of Cyber Warriors“

5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University4720 Forbes AvePittsburgh, PA 15213


 Tuesday, January 13, 2015 – (ISC)Pittsburgh Chapter – Cyber Range

Join The Blue Team for hands-on exercises to defend a virtualized cyber range sponsored by CERT and ISC2 Pittsburgh Chapter.  Use your defense skills against attacks, using open source tools, such as Nagios and Snort this winter. All Skill levels are welcome.

5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213

Agenda:  

Chapter updates

Cyber Range