This meeting has been postponed. Please check back for the new date. 


Mission Improbable: Access the building and takeover the domain in 30 minutes
 Paul Brownridge, Pentest Partners

Follow a penetration tester through the key stages of an engagement, from preparation to successful execution. Step by step, we’ll show you how someone can achieve total domain takeover within 30 minutes of entering a target’s offices. Explore the preparation stages, in particular how to use OSINT, and see a demonstration of practical reconnaissance techniques. Along the way they'll show that accessing CCTV, building and lift management systems is not just the stuff of movies! Learn how they bypass physical security controls and leverage common vulnerabilities so that they can walk away with the keys to the kingdom in under half an hour. The session will be followed by a Q&A.


Speaker Bio
Paul has over 10 years of cyber security experience. He started out securing networks and is now paid to break into them. Paul has a background in industrial engineering where he familiarized himself with human machine interfaces, telemetry, sensor data, and various other SCADA systems. This experience is now essential for testing and helping to secure Operational Technology. Paul is a regular speaker at technology and security events such as the (ISC)2 Security Conference, where he highlights risks and security flaws in the internet of things, automotive, rail, and maritime sectors.

Must register here if you plan to attend.

Join us on Tuesday, December 19, 2023 for our monthly chapter meeting with a special guest speaker:


A Primer on Privacy Risk for Privacy and Security Professionals 
Jason Cronk, Author of Strategic Privacy by Design

Insurance companies don't use traffic light analogies for setting insurance rates and neither should you. In this talk, the author of Strategic Privacy by Design will discuss the importance of quantification, the pitfalls of qualitative assessments, the growing regulatory demand for risk assessments and highlight the different focuses of privacy versus security risks.


Speaker Bio
R. Jason Cronk (CIPT, CIPM, CIPP/US, FIP, JD, PbD Ambassador)
Author of “Strategic Privacy by Design” | Privacy Engineer | CIPT, CIPM, CIPP/US, FIP |
President of Enterprivacy Consulting Group and the Institute of Operational Privacy Design

R. Jason Cronk is a seasoned privacy engineer, author of the IAPP textbook “Strategic Privacy by Design” and holds CIPT, CIPM, CIPP/US, and FIP designations. His unique background includes various entrepreneurial pursuits, strong information technology and cybersecurity experience, and privacy law. Currently, Cronk serves as President of the Institute of Operational Privacy Design and Section Leader of the IAPP’s Privacy Engineering Section. He is also president and principal consultant with boutique consulting and training firm Enterprivacy Consulting Group. Find him on Mastodon.


Must register here if you plan to attend.

Join us on Tuesday, January 16 for our monthly chapter meeting with a special guest speaker:


How and Why Hackers Hack and How To Best Defend
by Roger A. Grimes

Attend this presentation given by 34-year cybersecurity veteran Roger A. Grimes, author of 13 books and over 1,200 articles on computer security, to learn why hackers hack and how they hack. Roger will discuss their motivations and how today’s real-world mix of malware and human-directed sophisticated attacks, like ransomware, happens. The presentation will include a video demonstration by world-renowned hacker Kevin Mitnick getting around multifactor authentication like it wasn’t even there. It’s an attack that would work against over 90% of today’s multifactor solutions. Most importantly, learn the four best computer security practices that, if you do them well, will significantly lower your risk of being a cyber victim. This is an entertaining, informative, and practical talk that will help make you a better cybersecurity defender.


Speaker Bio
Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 34-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 13 books and over 1,300 articles on computer security. He has spoken at many of the world’s biggest computer security conferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR’s All Things Considered™ and the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee, and Microsoft. He has consulted for hundreds of companies, from the largest to the smallest, around the world. He specializes in host and network security, quantum security, identity management, anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, and technical writing. His certifications have included CPA, CISSP, CISA, CISM, CEH, MCSE: Security, Security+, and yada-yada others, and he has been an instructor for many of them. His writings and presentations are often known for their real-world, contrarian views. He was the weekly security columnist for InfoWorld and CSO magazines between 2005 and 2019.


Must register here if you plan to attend.