April 2018 Chapter Meeting

April 25th 2018 6pm-8pm

Chapter Meeting Agenda:
6:00pm-6:15pm Networking
6:15pm-6:30pm Chapter Business
6:30pm-8:00pm Presentations
Location: Mercer Island Community Center
8236 SE 24th Street
Mercer Island, WA 98040

Register

attendance qualifies for 2 CISSP credits

Speakers:

Satish Shetty, CEO, Codeproof Technologies
Modern Solutions to Overcome Modern Enterprise Mobility Challenges
Enterprise mobility unlocks unprecedented value propositions for the modern enterprise. With the growing dependence on mobile technologies, enterprises are pursuing ways to unlock the true potential of their mobile workforce. Unfortunately, many organizations have struggled to keep up with the challenges associated with embracing a mobile-first approach. And with the intensifying sophistication of cyber-attack threat vectors, traditional solutions, strategies and practices fail to deliver the security and management capabilities essential to keep your enterprise productively mobile. To address these concerns, we aim to present invaluable insights into the following key solution areas:
  • Data leak prevention technologies and strategies that actually work. How to eliminate risk in BYOD devices accessing corporate network, potentially with vulnerable apps running, or when the device is lost or stolen.
  • How to streamline device management and provisioning process while ensuring high-end security for every device.
  • The game-changing industry trends driven by EMM Technologies from Apple, Google and Samsung.
Bio:
Satish Shetty is CEO and founder of Codeproof Technologies, an enterprise mobile security software company. Shetty has more than 20 years of security and enterprise software development experience. A recognized leader in the mobile device management space, Shetty also has several patents in software security. Shetty's area of expertise includes computer security, cloud computing, software antipiracy and enterprise software management technologies.
Shetty previously worked at Microsoft on development of Windows Operating System and Windows Genuine Advantage product lines. Prior to that, Shetty worked at McAfee on development of various security products including McAfee's flagship products McAfee ePolicy Orchestrator and McAfee VirusScan. He also holds a Bachelor of Engineering degree in Computer Science with distinction from the University of Mysore.
and
Song Li, CTO, NewSky Security
Cryptocurrency Attacks and this Emerging/Scary Threat Landscape
Abstract:
Your device is my miner.
One of the most popular ways to obtain cryptocurrency is to run mining devices "miners". Most miners today are built with ASIC chips, and millions of miners are aggregated undermining pools. Miner machines and under mining pools have several security vulnerabilities.
Along with miners, there are malware that turn infected devices into mining machines, from directly using the baremetal to mine, to using scripts such as web pages to mine. This talk will discuss the mining ecosystem and how cyber security's play in this system.
Bio:
Song Li is Chief Technology Officer (CTO) and Co-founder of NewSky Security, an Internet of Things Security company. Song is an invited expert in the W3C connected cars group.
Song has 20 years of experience in developing high performance software systems. Previously, he worked for Intel, Expedia and eBay. Song is also a white hat (ethical) hacker.

May 23rd 2018 Chapter Meeting

May 23rd 2018 6pm - 8pm

Chapter Meeting Agenda:
6:00pm-6:15pm Networking
6:15pm-6:30pm Chapter Business
6:30pm-8:00pm Presentations
Location: Bellevue City Hall
450 110th Ave. NE
Bellevue, WA 98009

attendance qualifies for 2 CISSP credits

Speakers:

Jeffery Westcott, CFO, Cloud Security Alliance
Abstract
Blockchain is a platform built originally for the Bitcoin crypto-currency utilizing a decentralized (i.e., peer-to-peer) network. This creates a transparent public hyperledger, an immutable record of data that enables a layer of trust that has traditionally been centralized, costly and inefficient. Due to its unique features, the blockchain has spawned interest in many industries, including financial services, healthcare, legal, governmental, recording/arts and supply chain manufacturing. There is much interest in start-ups and corporations to harness its potential and numerous consortiums have been established to create a framework of uniform protocols to promote adoption and standardization across many industries it will serve.
Bio:
Jeffrey Westcott’s career spans thirty years, working in the corporate world for ten of those years (in banking and securities); then as an entrepreneur for another ten; and then working with established companies in the Seattle area since 2010.  He has worked CSA-NA (US), CSA-APAC (Asia) and CSA-EMEA (Europe) since 2014 as Chief Financial Officer. He received his BS (Accounting) from the University of Scranton, his MBA (Finance) from the University of Pittsburgh, and is a licensed CPA. Mr. Westcott has lived in Bellingham, Washington since 2006.

June 27th 2018 Chapter Meeting

June 27th 2018 6pm-8pm

Chapter Meeting Agenda:
6:00pm-6:15pm Networking
6:15pm-6:30pm Chapter Business
6:30pm-8:00pm Presentations
Location: Bellevue City Hall
450 110th Ave. NE
Bellevue, WA 98009

attendance qualifies for 2 CISSP credits

Speakers:

Radia Pearlman, Fellow, Dell EMC
Blockhain: Hype or Hope?
"Blockchain" is a technology that powers Bitcoin, and has gotten a lot of press, though very little of it actually explains what blockchain is and how it works. This talk will explain how Bitcoin's blockchain technology works, and its properties, including efficiency, security, and anonymity. There is a lot of misinformation published about it, and to further the confusion, researchers are naming all sorts of things "blockchain" that bear little resemblance to the original blockchain. So, is blockchain a revolutionary technology that will enable not only electronic money, but have all sorts of other applications?  Or is it an unscalable fad that will fade away?
Bio:
Radia Perlman is a Fellow at Dell EMC.  Her specialties include network routing protocols, and network security. She developed the technology for making network routing self-stabilizing, largely self-managing, and scalable.  She also invented the spanning tree algorithm, which transformed Ethernet from a technology that supported a few hundred nodes within a single building, to something that could support large networks.  She also has made contributions in network security, including scalable data expiration, distributed algorithms despite malicious participants, DDOS prevention techniques, and user authentication. She is the author of the textbook “Interconnections” (about network layers 2 and 3) and coauthor of “Network Security”. She has been recognized with many industry honors including induction into the National Academy of Engineering, the Inventor Hall of Fame, and lifetime achievement awards from Usenix and SIGCOMM.  She has a PhD in computer science from MIT.

CCSK Training

September 20th 2018 8:30am - 5pm

CCSK Foundation Training Course v4

1-day CCSK Foundation instructor led class that will help you successfully prepare for the Certificate of Cloud Security Knowledge (CCSK) exam.
The course covers and includes:
  • All major domains in the CSA Security Guidance for Critical Areas of Focus in Cloud Computing document, along with the ENISA whitepaper.
  •  Access to a number of exclusive self-paced study resources.
  • One exam voucher token for the CCSK version 4 exam.
The Certificate of Cloud Security Knowledge (CCSK) provides students a comprehensive review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK V4 Certification Exam. The CCSK session starts with a detailed description of Cloud Computing and business requirements (governance, risk management, compliance, and legal). The session then moves into more technical security issues such as encryption, Identity Management, assessment of Public and Private Clouds, securing corporate data in the public cloud and securing private clouds. The CCSK training is comprised of the following six modules, encompassing the Cloud Security Alliance’s 14 Domains ensuring students can successfully prepare for the exam while also enhancing their overall competencies in cloud security.
Module 1 | Introduction and Cloud Architectures
Module 2 | Infrastructure Security for Cloud Computing
Module 3 | Managing Cloud Computing Security and Risk
Module 4 | Data Security for Cloud Computing
Module 5 | Securing Cloud Applications and Users
Module 6 | Cloud Security Operations
When:  Thursday September 20th
  • 8:30 Check-in and continental breakfast
  • 9am - 5pm Instructor led lecture and course
Where:  Embassy Suites, Bellevue, WA
Cost:  $995.00 per person, please note that registration will be limited to 25 students
Registration Includes:
  • 1 Day of CCSK Training from an Authorized Cloud Security Alliance Instructor
  • Official CCSK Foundation Student Handbook
  • CCSK Practice Exams. Accessible online, self-paced and randomly generated.
  • 1 CCSK Exam Voucher + 1 Re-Attempt Exam Voucher
  • Continental Breakfast, Lunch Buffet, and afternoon snacks
Registration will begin in May

2018 CSA Seattle Chapter Conference

September 21st 2018 8am - 8pm

SAVE THE DATE: SEPTEMBER 21st 2018

CSA Seattle Chapter Conference: Securing the Digital Horizon @ Cloud City

 
Details
When: Friday September 21st 2018
Cost: 
  • $179 early bird before 8/1
  • $199 8/1- 9/9
  • $250 after 9/9
Where: Embassy Suites, 3225 158th Avenue SE, Bellevue, WA (just off I-90)
Conference: 3 educational tracks with 8 CPE credits available, evening social
Additional details will be posted as available
Page Dividing Line