Mouse over any item on the left to display further information on the right
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Maximizing Security -- Point Solutions vs. Consolidation. Which is better?ISSA Monthly Luncheon: Maximizing Security -- Point Solutions vs. Consolidation. Which is better?
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., May 18, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation:
Maximizing Security -- Point solutions vs Consolidation. Which is better?
Speaker:
Kostas Sfakiotakis
Topic:
Is cobbling together point solutions really the best way to maximize security? As information technology gets more complex, there are varying philosophies on the best way to approach security. Some adopt the approach of using only the best of breed products. Others adopt the approach of using solutions from one vendor to get the best results. Still others use open standards or freeware or Linux based solutions to tackle security on a shoestring budget. There are pros and cons to each of these. Come and share in the discussion about maximizing security at the ISSA Hawaii Chapter Luncheon.
BIO:
Kostas is a 15 year veteran in the networking and security space. He has been with Fortinet for 7 years and is currently the Systems Engineering Manager for the Western Region. Kostas currently holds the FCNSA and FCNSP certifications with Fortinet.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Herb Marinated Grilled Sirloin Steak and Citris Honey Mustrad Glazed Chicken Breast
Fresh Mashed Potatoes and Herb Roasted Garden Vegetables
Dessert: Frozen Banana Souffle
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: A Closer Look at the Stuxnet WormISSA Monthly Luncheon: A Closer Look at the Stuxnet Worm
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Jun 15, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation: A Closer Look at the Stuxnet Worm
Speaker: Mark Ryan Del Moral Talabis, Dwayne Yuen, and James Ochmann - Secure-DNA Consulting
Topic: Stuxnet has been described as a guided cyber warhead, a digital missile aimed at taking down the Iranian nuclear program. It is unquestionably the most complex piece of malware ever discovered, setting several historical milestones such as implementing the first programmable logical controller rootkit, exploiting several stolen legitimate digital certificates, or taking advantage of an unprecedented four zero-day Windows vulnerabilities to spread itself in its pursuit of dismantling Iran's uranium enrichment centrifuges. Stuxnet is a look at the future landscape of security and cyber warfare. It is likely that this is only the first of many attacks of its kind.
Through live demonstrations of actual Stuxnet samples and analysis of decompiled code, we will take an inside look at the inner workings of the Stuxnet worm. Our presentation will walk the audience through the attacker's mindset and design methodology, showing the obstacles which needed to be tackled in order to reach its destination from the eyes of Stuxnet's designers.
We will walk through Stuxnet's journey from initial infection through a removable drive, its several innovative worm propagation techniques, and after finally reaching its destination, the deployment of its payload onto its long awaited target - all while remaining hidden and keeping itself up to date.
BIO: Mark Ryan Del Moral Talabis is a Senior Consultant within the Secure DNA Consulting practice. He has over ten years of experience in Information Security, IT Audit, and Applications Development. He has extensive experience in information security risk assessments, vulnerability assessments and penetration testing and has specialized expertise in security data analysis and incident response. He is a (CISSP); (CISA); (CRISC); (GCIH); (GSEC); and a full member of the Honeynet Project.
James Ochmann is a Consulting Intern with Secure DNA Consulting whose first major project was this Stuxnet presentation. He is a member of the Greyhats. He has a lifelong interest in technology and security and is currently doing research on the Tor anonymous routing network for his masters thesis.
Dwayne Yuen is a Consulting Intern with Secure DNA Consulting. He is a member of the UH Manoa's Greyhats. He is currently pursuing his Master's in Electrical Engineering at the University of Hawaii, researching a novel algorithm for solving the maximum common subgraph isomorphism problem for his thesis.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Grilled Fresh Island Fish
with Ginger Sake Beurre Blanc and Roasted Tomato Oil Server on Lobster Fried Rice and Stir Fried Asian Vegetables
Dessert: Key Lime Pie
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Hardening against buffer overrun attacks: DEP, ASLR, and Executable Space ProtectionISSA Monthly Luncheon: Hardening against buffer overrun attacks: DEP, ASLR, and Executable Space Protection
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Jul 13, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation:
Hardening against buffer overrun attacks:
DEP, ASLR, and Executable Space Protection
Speaker:
Jeremy Shetland, Hawaiian Telcom
Topic:
There are many new attacks that appear every day with very exciting names, however when you look under the hood a lot of the attacks are using the same buffer over flow techniques. Jeremy Shetland will share with us the different types of built-in defense mechanisms for Windows and Linux Systems to ensure you're using the latest anti-buffer overflow technology.
BIO:
Jeremy Shetland is a Senior Security Architect at Hawaiian Telcom and has over 11 years of progressive success across both IT security and network engineering. He has lead numerous projects focused on perimeter and interior defensive measures for organization within the Hawaiian Islands. He has extensive experience in security technologies such as firewall, intrusion prevention systems, security event management and end point protection.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Roasted Cornish Game Hen with Garlic and Rosemary
On Mashed Potatoes and Vegetables Glazed with Balsamic Vinegar
Dessert: Refreshing Homemade Sorbets
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: New Technologies in the Fight Against MalwareISSA Monthly Luncheon: New Technologies in the Fight Against Malware
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Aug 17, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation: New Technologies in the Fight Against Malware
Speaker: Bill Musson
Topic:
Over the past few years, Malware has been increasing in frequency, variation and
the escalation of the defence versus the attack has made it much more difficult
for Anti-Virus vendors to provide defenses based upon traditional methods.
With the rapid adoption of virtualized environments, Anti-Virus vendors quickly
understood that signature based Anti-Virus was not going to be enough to protect
the critical IT systems in their care.
Bill Musson, a Senior Sales Engineer for Symantec, will be discussing new protection
technologies for both physical systems and virtual systems that are outside the traditional
signature based technologies.
BIO: Mr. Musson is a Senior Sales Engineer for Symantec Corporation with over 24 years of Information Security experience and is currently covers the Pacific Rim from Alaska to Bahrain. In his current role, Bill designs and architects solutions to IT problems for the Department of Defense, State of Hawaii and County Government organizations and Hawaii Businesses.
He is a Certified Information System Security Professional (CISSP), and holds a B.S. in Computer Science from Hawaii Pacific University.
BIO:
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Broiled New York Steak
On Roasted Garlic Mashed Potatoes with Cabernet Peppercorn Sauce, Frizzled Onions, Grilled Marinated Squash and Peppers
Dessert: Vanilla Ice Cream Taco with Fruit Salsa
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: The Human Side of TechnologyISSA Monthly Luncheon: The Human Side of Technology
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Sep 14, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation: The Human Side of Tech: leveraging reptilian brains and butterflies on your next project.
Speaker: Peter Kay, CEO, CyberCom, Inc.
Topic: If you really want to supercharge your next technology upgrade or even improve upon your existing platform, leverage the most important factor, the Human Factor, within your organization.
Don't miss Hawaii's very own Peter Kay (of "Your Computer Minute") as he shares his secrets of leveraging the Human Factor as discovered over his 27 years in Hawaii spanning 6 tech startups and countless local clients ranging from our largest blue-chip firms to the smallest companies. The two key ideas Peter will discuss are:
* Leveraging the most primal human desires (in the reptilian brain) to get people to change their behavior overnight and embrace new technology.
* Transform organizational complexities where even the smallest movement can sometimes bring your entire project to a halt (The Butterfly Effect) into a powerhouse of focused efforts that brings about change faster and more completely than ever thought possible.
While human interface design is a deeply researched area, human behavior is rarely if ever formally considered in technology projects. Designed for both technical, management, and operational areas of all companies big and small, this presentation will give you insights that few consider and may make the difference between success and failure on your next project.
BIO:
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Roasted Chicken Breast with Tarragon Cream Sauce
On Herbed Rice Pilaf and Seasonal Vegetables
Dessert: Key Lime Pie
Hawaii's 18th Annual ISSA Discover Security Conference
All Day
Hale Koa Hotel, Honolulu, Hawaii
Fee allows attendance to both days of conference:
ISSA Members $35.00
Non-Members: $70.00
No need to register for both days. Register for the conference under the event listing for 10/12/2011.
Sink or Swim.
Most of the major security related vendors will be participating, and focusing on security, disaster recovery, compliance, performance and availability.
DATE AND LOCATION:
October 12-13, 2011
Hale Koa Hotel
Honolulu, Hawaii
FEES:
Cost of Event (2-days):
ISSA Members - $35.00
Non-Members - $70.00
DEADLINES:
Registrations must be received by October 6, 2011 to ensure a seat. Registrations received after that date will be accepted on a space available basis.
CANCELLATIONS:
Cancellations must be received by October 7, 2011. "No-shows" will be charged the full amount ($35 for members; $70 for non-members) if cancellations are not received by October 7, 2011.
REGISTRATION & ADDITIONAL INFORMATION:
Please use the registration link on the ISSA web site Events Listing
The DSC brochure will continue to be updated as Speakers and Topics are confirmed.
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: The Art of Selling Security to the BusinessISSA Monthly Luncheon: The Art of Selling Security to the Business
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Nov 16, 2011
Free - Host sponsored event
Speaker: Diana Nietz, NetIQ
Topic: The Art of Selling Security to the Business
Could your organization be the next victim of a data breach? Eventually, someone will try to compromise your data. To defend against an evolving threat and regulatory landscape and to achieve your business objectives, you need a strong risk management and information security program that is sponsored and recognized by senior business management.
Please join us for The Art of Selling Security to the Business, with guest speaker Diana Nietz of NetIQ, who will explore:
The realities of business today.
Selling the value of security investments.
Securely enabling the business through risk mitigation.
This session will arm you with the information you need to help senior business management recognize that a robust security management program, as an investment in the future of the organization, is essential to any sound IT security
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Roasted Cornish Game Hen with garlic and Rosemary
On Mashed Potatoes and Vegetables Glaszed with Balsamic Vinegar
Dessert: Dutch Apple Pie with Vanilla Ice Cream
11:30 AM - 1:30 PM
FREE ISSA Monthly Luncheon: Hosted by OPNETFREE ISSA Monthly Luncheon: Hosted by OPNET
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Jan 18, 2012
Cost: FREE
Presentation: Diagnosing Application Performance Issues in Your Network - Applications today have so many moving parts that it is difficult to pinpoint the cause of poor application response times, and the network is often the first to be blamed. Typical network monitoring tools provide limited visibility, and downtime often has a huge financial impact. Discover new ways to visualize the network from an application-focused perspective, and greatly reduce the time it takes to get problems resolved.
Speaker: Steve Fry, Senior Account Executive with OPNET Shawn Eustis, Applications Engineering Director with OPNET
Topic: Application Performance Management - it's not always the network!
BIO: Shawn has over 10 years experience in IT, focused on application performance management and packet analysis. He has helped diagnose troublesome performance issues of many clients in every vertical during that span.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Grilled Skirt Steak with Shitake Mushroom Sauce Paired with Crab Cake, Served on Local Style Fried Udon Noodles and Sauteed Zucchini with Tomatoes
Dessert: Vanilla Ice Cream Taco with Fruit Salsa
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Link Layer Visibility ( Free Lunch )ISSA Monthly Luncheon: Link Layer Visibility ( Free Lunch )
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Feb 15, 2012
Cost: $0 - FREE
Presentation: Maintaining "Link Layer Visibility" in Network Monitoring
Speaker: Tony Zirnoon, CISSP
Topic: Most network monitoring tools do not have access to the real physical and link layer of the network, since they are using techniqies such as spanned ports, aggregators and/or netflow. These techniques can introduce aggregation and do not address the issue of losing Link Layer Visibility!
So there you are, you've just bought an analytic tool and you want to get more coverage, say to a few other local network segments - after you realize it's not running at capacity, and you buy an aggregator to place between your network segments and your tool. Guess what... You've lost Link Layer Visibility... You've lost critical information about the nature of the data you're trying to monitor.
You don't know which network segment your tool is looking at, or what your tool does when looking at multiple different network segments, tool results are not correct and you start losing packets because there are now collisions introduced at the ingress, again by the aggregator, in fact - it's worse than that. Sessions are now mixed together and your tool may not be able to differentiate between one session and another - from packets arriving on one port and packets arriving on a different port.
There's nothing wrong with adding an aggregator, that's fine, but next time you're in need - take a look at the VSS line of products which preserve Link Layer Visibility, through advanced features such as Port & Time stamping, High data burst buffers, Microburst detection & Session aware load balancing. Multiply that with the industry's only true Mesh deployment architecture, as opposed to the far less reliable Hub & Spoke approach - and not only do you benefit from seeing multiple network segments with the same, or with multiple different tools, but you also get much more resilient monitoring with a network wide view that self-learns, self-heals and never loses a packet!
What's the upshot to this discussion - I'm glad you asked! Only by preserving Link Layer Visibility can you guarantee you'll be able to find and process the packet that will lead to getting the network back up again. Using an aggregator that doesn't preserve Link Layer Visibility will help to conceal the problem, hide the packet at issue and keep your network down longer / impeding a resolution.
Add in an 80% reduction in Capex by introducing the Network Intelligence Optimization layer, a 50% reduction in Opex - as tools can be concentrated and you're looking in good shape to invest in more tools or facilities that will allow you to offer a differentiation to your end customer - and that's a good thing, so's a promotion because the Network's always up
BIO: Tony Zirnoon, CISSP is the Global Director of Security Strategy & Enterprise Marketing at VSS Monitoring where he's focused on solidifying the company's presence and momentum in the emerging network security and intelligence optimization segment through a comprehensive strategy, joint solutions with technology alliance partners, evangelism and building thought leadership. Tony has more than 15 years IT experience at Fortune 500 companies, bringing a customer-focused perspective as well as delivery of consulting solutions in various industry verticals, and has led numerous information and data security risk assessments, and developments in IT security architecture, security and privacy design and implementations. He has also been regularly involved in helping clients identify and manage their compliance with various state and federal regulations (Sarbanes-Oxley, HIPAA, GLBA, FFIEC, ITAR, PCI, etc). Tony graduated from the CSU, Sacramento with a Bachelor of Science in Computer Science, and holds the CISSP and CCSA, PCI-QSA certifications. He is an active member of the ISC2, IAPP, InfraGard, OWASP and Silicon Valley chapter of ISSA. Linkedin: http://www.linkedin.com/in/zirnoon Twitter: @SecurEvangelist
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Herb Marinated Grilled Sirloin Steak and Citris Honey Mustrad Glazed Chicken Breast
Fresh Mashed Potatoes and Herb Roasted Garden Vegetables
Dessert: Red Velvet Cake
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Hardening the Database, Security Connected, and Chip Level Security.ISSA Monthly Luncheon: Hardening the Database, Security Connected, and Chip Level Security.
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Mar 14, 2012
Cost: Hosted Lunch by Intel/McAfee
Presentation: Hardening the Database, Security Connected, and Chip Level Security
Speaker: Steve Poeppe, Solutions Engineer - McAfee/Intel
Topic: Former Deputy CISO of the State of Idaho, will be sharing some of his thoughts on recent trends in the industry, and the direction that McAfee is taking regarding hardening the database, security connected, and chip level security. Don't miss it!
BIO: McAfee/Intel, Solutions Engineer - 1 Yr Focused on Endpoint, Mobile, Network IPS, Web Gateway, Encryption, Vulnerability Assessment (MVM), Change Control, Whitelisting, Chip Integration, SIEM and Database Security.
State of Idaho, Deputy CISO - 4 Yrs: Responsible for Security Policy/compliance, forensics, monitoring, and Technology acquisition/RFP during the statewide technology consolidation of Endpoint, Network IPS, Web Gateway, Email Gateway, Vulnerability Assessment, and Encryption.
Hewlett Packard, IT Security Operations - 1 Yr: Participated on a global team to manage privileged access on several thousand servers. Managed project to deploy privileged access tracking software to the HP global community.
Superior Courts AZ, SSO - 8 yrs: Responsible for systems and network security, forensics, policy, etc.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Poached Atlantic Salmon
with Green Peppercorn Ginger Sauce
Seasonal Vegetables and Sliced Baked Potatoe with Parsley Butter
Dessert: Vanilla Ice Cream Taco with Fruit Salsa
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: The Rise of HacktivismISSA Monthly Luncheon: The Rise of Hacktivism
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Apr 18, 2012
Cost: No Cost - Sponsored by HP Enterprise Security Products Group
Presentation: The Rise of Hacktivism
Sponsored by: HP Enterprise Security Products Group
Based on market-leading products from ArcSight, Fortify, and TippingPoint, the HP Enterprise Security Products Group uniquely enables enterprises to take a proactive approach that integrates security correlation, deep application security analysis, and network-level defense mechanisms, all backed by our best-of -breed range of information security services.
Speaker: Jerry Fraizer, CEH - HP Enterprise Security TippingPoint Solutions Architect
Topic: The speaker will be sharing information related to the groups that are making headlines and causing the alarming, exponential rise of information security related loss to organizations of all sizes. The speaker will cover notable events, firsthand accounts, and the tools and tactics that Hacktivist groups leverage to carry out attacks. In addition the speaker will cover various tools and techniques that can be leveraged by a security professional to prevent, and mitigate the impact of these types of attacks.
Bio: Jerry Fraizer has worked in the information technology industry for over 14 years in various information security and network engineering roles. Jerry has spent the majority of his career as hands on engineer and architect working on large high transaction networks in PCI-DSS and SOX compliant organizations including a division of Ticketmaster and The City of Irvine, California. Jerry is TippingPoint Security Expert #2058, a Certified Ethical Hacker, holds a Cisco CCNP in Routing & Switching, and holds a Cisco CCNP in Security.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Sauteed Shrimp and Chicken
Poha Berry Port Wine Glaze Chicken Breast and Herb Marinated Shrimp with Garden Medley Whole Grain Rice Pilaf and Seasonal Vegetables
Dessert: Refreshing Homemade Sorbets
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Web Application Firewalls - Protecting Your Web Sites and DataISSA Monthly Luncheon: Web Application Firewalls - Protecting Your Web Sites and Data
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., May 16, 2012
Cost: $25 for ISSA members, $30 for non-members
Speaker: Jock Purnell, Owner/Consultant at JPNI and President of ISSA Hawaii
Topic: Web Application Firewalls - Protecting Your Web Sites and Data
Description: Last month you heard about various ways to hack your web sites, and saw how easy it is to do. This month's topic will cover some ways to protect against these attacks using Web Application Firewalls. Traditional Firewalls can block access but they don't check what's in the actual payload. For that, you need something that is Layer 7, Application Aware. Web App Firewalls fit this requirement, and can check and block such compromises as SQL Injections, Cross Site Scripting and so on. Another problem is in keeping CONFIDENTIAL data (social security numbers, account #'s, etc) from being inadvertently dispersed. One way of protecting your web site is to write perfect code, but this is not always possible. Hence, the need for a Firewall that is application aware. So, come and hear how to protect your web sites, and more importantly, the data behind them.
BIO: Jock has 35 years of IT experience as an IBM Senior SE and Consultant with his own IT services based company. His last twenty years have been spent primarily in the Networking and Security areas, and he has worked with most of the medium and large sized organizations in Hawaii.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Chicken Marsala
Boneless Chicken Breast with Mushroom, Shallot, Marsala Wine Sauce on a Bed of Asparagus Risotto
Desert: Macadamia Nut Cream Pie