Join us on Tuesday, January 17, 2023 for our monthly chapter meeting with a special guest speakers:


How to Deal with An OCR Investigation
by Ernest Smith, CEO, The RMF Security Group

The Department of Health and Human Services Office of Civil Rights (OCR) is responsible for enforcing the HIPAA Privacy and Security Rules (45 C.F.R. Parts 160 and 164, Subparts A, C, and E). It is responsible for investigating complaints and conducting compliance reviews to determine if covered entities (Healthcare Plans, Healthcare Clearinghouses, Healthcare Providers or any other organization who transmits any health information in electronic form in connection with a transaction) are compliant with Privacy and Security Rules. Covered entities are required by law to respond to OCR investigations. OCR is responsible for enforcing the HIPAA Privacy and Security Rules (45 C.F.R. Parts 160 and 164, Subparts A, C, and E). One of the ways that OCR carries out this responsibility is to investigate complaints filed with it. After the OCR investigation is concluded, if the evidence indicates that the covered entity was not in compliance, then OCR will attempt to resolve the case with the covered entity by obtaining, Voluntary compliance, Corrective action, and/or Resolution agreement. Our speaker Mr. Ernest Smith, CEO, The RMF Security Group will discuss his knowledge of how covered entities should handle an OCR investigation if they are faced with an OCR complaint.


Speaker Bio
ernst smithErnest Smith is born and raised in Fayetteville, NC graduating from E.E. Smith Senior High School in 1990. Ernest spent 21 years in the Army retiring in 2012. Ernest was a signal soldier spending most of his years in the 82nd Airborne Division at Fort Bragg, NC. Ernest has served multiple overseas tours to include
multiple tours to Afghanistan. Professionally, Ernest has more than 12 years’ experience in a wide range of cybersecurity areas. Ernest has a Masters in Cybersecurity, highlighted with major certifications CISSP and PMP. Ernest is a recognized subject matter expert who gives back by teaching, mentoring, and training hundreds of people over the past few years. Ernest is married (13 years)with 3 children and currently resides in San Antonio, TX.


Must  register here if you plan to attend.

Join us on Tuesday, February 21, 2023 for our monthly chapter meeting with a special guest speakers:


 Cyber Security Evaluation tool (CSET®)
Dr. Ron Martin

The Cyber Security Evaluation Tool (CSET®) is developed by the Cybersecurity & Infrastructure Security Agency (CISA). The Department of Homeland Security (DHS) developed CSET for asset owners with the primary objective of reducing the risk to the nation’s critical infrastructure. Control systems are defined as electronic devices that control physical processes and as such, are a crucial element in the protection of our nation’s infrastructure. Since 2014 the tool evolved into a powerful tool for organizations to perform their general cyber assessment process. The tool provides a systematic approach for evaluating an organization’s security posture by guiding asset owners and operators through a step- by-step process to evaluate their industrial control system and information technology network security practices.
The lecture will provide a high-level review of the tool along with its features and assessment process. Additionally, the lecture will review the tool’s standards section, assurance level determination, creation of diagrams, generation of questions, review analysis and reports. The slide deck will have links to CSET Tutorials and key U. S. Federal cybersecurity assessment models included with the tool.


Speaker Bio
rob martinDr. Martin is a Professor of Practice at Capitol Technology University. His work at Capitol Technology University is in the following functional areas Critical Infrastructure, Industrial Control System Security, Identity, Credential, and Access Management. Ron has relationships with a diverse mix of businesses. He serves on a board of directors for many profit and non- profit organizations. Ron retired from the United States (U. S.) Army in 1999 and the U. S. Government in 2011. Between his tours of Federal Service, he served five years as a civilian police officer in the Commonwealth of Virginia. During his Federal Service, he served with the U. S. Department of Commerce and Health and Human Services as the program director for developing and implementing both departments’ Identity, Credentialing, and
Access Management (ICAM) Programs. He now serves on the Security Industry Association Standards Committee. Ron is a former ASIS International Commission on Standards & Guidelines Commission member. Ron is a voting member of the United States Technical Advisory Group to the International Standards Organization (ISO), which works to develop and articulate the U.S. position by ensuring the involvement of U.S stakeholders from the private and public sectors. Ron currently serves on the International Foundation for Protection Officers (IFPO) Board of Directors. While on active duty, he served as Military Comptroller, Provost Marshal, Security Manager, and Doctrine Literature Writer and Instructor. Ron served as a Federal Identity, Credentialing, and Access Management (FICAM) Roadmap Development Team member. He provided FICAM Subject Matter Expertise by regularly providing advice and assistance to Federal agencies and organizations engaged in Identity Credentialing activities. This work was a precursor of the establishment of Capitol Technology University’s ICAM Laboratory. Before retirement from the Federal Government, Ron received a Coin of Excellence from the Interagency Security committee to establish the committee’s Convergence Subcommittee. Ron serves as the vice chair of the Institute of Electrical and Electronics Engineers (IEEE) P2887 - Zero Trust Security Working Group (ZTSWG). Currently, he is a member of the Cloud Security Alliance Zero-Trust/ Software Defined Perimeter Experts and Research Working Groups.


Must  register here ifyou plan to attend.

Join us on Tuesday, July 18, 2023 for our monthly chapter meeting with a special guest speakers:


How and Why Hackers Hack and How To Best Defend
by Roger A. Grimes

Attend this presentation given by 34-year cybersecurity veteran, Roger A. Grimes, author of 13 books and over 1,200 articles on computer security, to learn why hackers hack and how they hack. Roger will discuss their motivations and discuss how today’s real-world mix of malware and human-directed sophisticated attacks, like ransomware, happen. The presentation will include a video demonstration by world renowned hacker, Kevin Mitnick, getting around multifactor authentication like it wasn’t even there. It’s an attack that would work against over 90% of today’s multifactor solutions. Most importantly, learn the four best computer security practices, that if you do well, will significantly lower your risk of being a cyber victim. This is an entertaining, informative, and practical talk that will help make you a better cybersecurity defender.


Speaker Bio
roger grimesRoger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 34-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 13 books and over 1,300 articles on computer security. He has spoken at many of the world’s biggest computer security conferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR’s All Things Considered™, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee, and Microsoft. He has consulted for hundreds of companies, from the largest to the smallest, around the world. He specializes in host and network security, quantum security, identity management, anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, and technical writing. His certifications have included CPA, CISSP, CISA, CISM, CEH, MSCE: Security, Security+, and yada-yada others, and he has been an instructor for many of them. His writings and presentations are often known for their real-world, contrarian views. He was the weekly security columnist for InfoWorld and CSO magazines between 2005 - 2019. 


Must  register here if you plan to attend.

Additional information