Mouse over any item on the left to display further information on the right
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Hardening against buffer overrun attacks: DEP, ASLR, and Executable Space ProtectionISSA Monthly Luncheon: Hardening against buffer overrun attacks: DEP, ASLR, and Executable Space Protection
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Jul 13, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation:
Hardening against buffer overrun attacks:
DEP, ASLR, and Executable Space Protection
Speaker:
Jeremy Shetland, Hawaiian Telcom
Topic:
There are many new attacks that appear every day with very exciting names, however when you look under the hood a lot of the attacks are using the same buffer over flow techniques. Jeremy Shetland will share with us the different types of built-in defense mechanisms for Windows and Linux Systems to ensure you're using the latest anti-buffer overflow technology.
BIO:
Jeremy Shetland is a Senior Security Architect at Hawaiian Telcom and has over 11 years of progressive success across both IT security and network engineering. He has lead numerous projects focused on perimeter and interior defensive measures for organization within the Hawaiian Islands. He has extensive experience in security technologies such as firewall, intrusion prevention systems, security event management and end point protection.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Roasted Cornish Game Hen with Garlic and Rosemary
On Mashed Potatoes and Vegetables Glazed with Balsamic Vinegar
Dessert: Refreshing Homemade Sorbets
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: New Technologies in the Fight Against MalwareISSA Monthly Luncheon: New Technologies in the Fight Against Malware
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Aug 17, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation: New Technologies in the Fight Against Malware
Speaker: Bill Musson
Topic:
Over the past few years, Malware has been increasing in frequency, variation and
the escalation of the defence versus the attack has made it much more difficult
for Anti-Virus vendors to provide defenses based upon traditional methods.
With the rapid adoption of virtualized environments, Anti-Virus vendors quickly
understood that signature based Anti-Virus was not going to be enough to protect
the critical IT systems in their care.
Bill Musson, a Senior Sales Engineer for Symantec, will be discussing new protection
technologies for both physical systems and virtual systems that are outside the traditional
signature based technologies.
BIO: Mr. Musson is a Senior Sales Engineer for Symantec Corporation with over 24 years of Information Security experience and is currently covers the Pacific Rim from Alaska to Bahrain. In his current role, Bill designs and architects solutions to IT problems for the Department of Defense, State of Hawaii and County Government organizations and Hawaii Businesses.
He is a Certified Information System Security Professional (CISSP), and holds a B.S. in Computer Science from Hawaii Pacific University.
BIO:
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Broiled New York Steak
On Roasted Garlic Mashed Potatoes with Cabernet Peppercorn Sauce, Frizzled Onions, Grilled Marinated Squash and Peppers
Dessert: Vanilla Ice Cream Taco with Fruit Salsa
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: The Human Side of TechnologyISSA Monthly Luncheon: The Human Side of Technology
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Sep 14, 2011
Cost: $25 for ISSA members, $30 for non-members
Presentation: The Human Side of Tech: leveraging reptilian brains and butterflies on your next project.
Speaker: Peter Kay, CEO, CyberCom, Inc.
Topic: If you really want to supercharge your next technology upgrade or even improve upon your existing platform, leverage the most important factor, the Human Factor, within your organization.
Don't miss Hawaii's very own Peter Kay (of "Your Computer Minute") as he shares his secrets of leveraging the Human Factor as discovered over his 27 years in Hawaii spanning 6 tech startups and countless local clients ranging from our largest blue-chip firms to the smallest companies. The two key ideas Peter will discuss are:
* Leveraging the most primal human desires (in the reptilian brain) to get people to change their behavior overnight and embrace new technology.
* Transform organizational complexities where even the smallest movement can sometimes bring your entire project to a halt (The Butterfly Effect) into a powerhouse of focused efforts that brings about change faster and more completely than ever thought possible.
While human interface design is a deeply researched area, human behavior is rarely if ever formally considered in technology projects. Designed for both technical, management, and operational areas of all companies big and small, this presentation will give you insights that few consider and may make the difference between success and failure on your next project.
BIO:
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Roasted Chicken Breast with Tarragon Cream Sauce
On Herbed Rice Pilaf and Seasonal Vegetables
Dessert: Key Lime Pie
Hawaii's 18th Annual ISSA Discover Security Conference
All Day
Hale Koa Hotel, Honolulu, Hawaii
Fee allows attendance to both days of conference:
ISSA Members $35.00
Non-Members: $70.00
No need to register for both days. Register for the conference under the event listing for 10/12/2011.
Sink or Swim.
Most of the major security related vendors will be participating, and focusing on security, disaster recovery, compliance, performance and availability.
DATE AND LOCATION:
October 12-13, 2011
Hale Koa Hotel
Honolulu, Hawaii
FEES:
Cost of Event (2-days):
ISSA Members - $35.00
Non-Members - $70.00
DEADLINES:
Registrations must be received by October 6, 2011 to ensure a seat. Registrations received after that date will be accepted on a space available basis.
CANCELLATIONS:
Cancellations must be received by October 7, 2011. "No-shows" will be charged the full amount ($35 for members; $70 for non-members) if cancellations are not received by October 7, 2011.
REGISTRATION & ADDITIONAL INFORMATION:
Please use the registration link on the ISSA web site Events Listing
The DSC brochure will continue to be updated as Speakers and Topics are confirmed.
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: The Art of Selling Security to the BusinessISSA Monthly Luncheon: The Art of Selling Security to the Business
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Nov 16, 2011
Free - Host sponsored event
Speaker: Diana Nietz, NetIQ
Topic: The Art of Selling Security to the Business
Could your organization be the next victim of a data breach? Eventually, someone will try to compromise your data. To defend against an evolving threat and regulatory landscape and to achieve your business objectives, you need a strong risk management and information security program that is sponsored and recognized by senior business management.
Please join us for The Art of Selling Security to the Business, with guest speaker Diana Nietz of NetIQ, who will explore:
The realities of business today.
Selling the value of security investments.
Securely enabling the business through risk mitigation.
This session will arm you with the information you need to help senior business management recognize that a robust security management program, as an investment in the future of the organization, is essential to any sound IT security
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Roasted Cornish Game Hen with garlic and Rosemary
On Mashed Potatoes and Vegetables Glaszed with Balsamic Vinegar
Dessert: Dutch Apple Pie with Vanilla Ice Cream
11:30 AM - 1:30 PM
FREE ISSA Monthly Luncheon: Hosted by OPNETFREE ISSA Monthly Luncheon: Hosted by OPNET
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Jan 18, 2012
Cost: FREE
Presentation: Diagnosing Application Performance Issues in Your Network - Applications today have so many moving parts that it is difficult to pinpoint the cause of poor application response times, and the network is often the first to be blamed. Typical network monitoring tools provide limited visibility, and downtime often has a huge financial impact. Discover new ways to visualize the network from an application-focused perspective, and greatly reduce the time it takes to get problems resolved.
Speaker: Steve Fry, Senior Account Executive with OPNET Shawn Eustis, Applications Engineering Director with OPNET
Topic: Application Performance Management - it's not always the network!
BIO: Shawn has over 10 years experience in IT, focused on application performance management and packet analysis. He has helped diagnose troublesome performance issues of many clients in every vertical during that span.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Grilled Skirt Steak with Shitake Mushroom Sauce Paired with Crab Cake, Served on Local Style Fried Udon Noodles and Sauteed Zucchini with Tomatoes
Dessert: Vanilla Ice Cream Taco with Fruit Salsa
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Link Layer Visibility ( Free Lunch )ISSA Monthly Luncheon: Link Layer Visibility ( Free Lunch )
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Feb 15, 2012
Cost: $0 - FREE
Presentation: Maintaining "Link Layer Visibility" in Network Monitoring
Speaker: Tony Zirnoon, CISSP
Topic: Most network monitoring tools do not have access to the real physical and link layer of the network, since they are using techniqies such as spanned ports, aggregators and/or netflow. These techniques can introduce aggregation and do not address the issue of losing Link Layer Visibility!
So there you are, you've just bought an analytic tool and you want to get more coverage, say to a few other local network segments - after you realize it's not running at capacity, and you buy an aggregator to place between your network segments and your tool. Guess what... You've lost Link Layer Visibility... You've lost critical information about the nature of the data you're trying to monitor.
You don't know which network segment your tool is looking at, or what your tool does when looking at multiple different network segments, tool results are not correct and you start losing packets because there are now collisions introduced at the ingress, again by the aggregator, in fact - it's worse than that. Sessions are now mixed together and your tool may not be able to differentiate between one session and another - from packets arriving on one port and packets arriving on a different port.
There's nothing wrong with adding an aggregator, that's fine, but next time you're in need - take a look at the VSS line of products which preserve Link Layer Visibility, through advanced features such as Port & Time stamping, High data burst buffers, Microburst detection & Session aware load balancing. Multiply that with the industry's only true Mesh deployment architecture, as opposed to the far less reliable Hub & Spoke approach - and not only do you benefit from seeing multiple network segments with the same, or with multiple different tools, but you also get much more resilient monitoring with a network wide view that self-learns, self-heals and never loses a packet!
What's the upshot to this discussion - I'm glad you asked! Only by preserving Link Layer Visibility can you guarantee you'll be able to find and process the packet that will lead to getting the network back up again. Using an aggregator that doesn't preserve Link Layer Visibility will help to conceal the problem, hide the packet at issue and keep your network down longer / impeding a resolution.
Add in an 80% reduction in Capex by introducing the Network Intelligence Optimization layer, a 50% reduction in Opex - as tools can be concentrated and you're looking in good shape to invest in more tools or facilities that will allow you to offer a differentiation to your end customer - and that's a good thing, so's a promotion because the Network's always up
BIO: Tony Zirnoon, CISSP is the Global Director of Security Strategy & Enterprise Marketing at VSS Monitoring where he's focused on solidifying the company's presence and momentum in the emerging network security and intelligence optimization segment through a comprehensive strategy, joint solutions with technology alliance partners, evangelism and building thought leadership. Tony has more than 15 years IT experience at Fortune 500 companies, bringing a customer-focused perspective as well as delivery of consulting solutions in various industry verticals, and has led numerous information and data security risk assessments, and developments in IT security architecture, security and privacy design and implementations. He has also been regularly involved in helping clients identify and manage their compliance with various state and federal regulations (Sarbanes-Oxley, HIPAA, GLBA, FFIEC, ITAR, PCI, etc). Tony graduated from the CSU, Sacramento with a Bachelor of Science in Computer Science, and holds the CISSP and CCSA, PCI-QSA certifications. He is an active member of the ISC2, IAPP, InfraGard, OWASP and Silicon Valley chapter of ISSA. Linkedin: http://www.linkedin.com/in/zirnoon Twitter: @SecurEvangelist
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Herb Marinated Grilled Sirloin Steak and Citris Honey Mustrad Glazed Chicken Breast
Fresh Mashed Potatoes and Herb Roasted Garden Vegetables
Dessert: Red Velvet Cake
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Hardening the Database, Security Connected, and Chip Level Security.ISSA Monthly Luncheon: Hardening the Database, Security Connected, and Chip Level Security.
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Mar 14, 2012
Cost: Hosted Lunch by Intel/McAfee
Presentation: Hardening the Database, Security Connected, and Chip Level Security
Speaker: Steve Poeppe, Solutions Engineer - McAfee/Intel
Topic: Former Deputy CISO of the State of Idaho, will be sharing some of his thoughts on recent trends in the industry, and the direction that McAfee is taking regarding hardening the database, security connected, and chip level security. Don't miss it!
BIO: McAfee/Intel, Solutions Engineer - 1 Yr Focused on Endpoint, Mobile, Network IPS, Web Gateway, Encryption, Vulnerability Assessment (MVM), Change Control, Whitelisting, Chip Integration, SIEM and Database Security.
State of Idaho, Deputy CISO - 4 Yrs: Responsible for Security Policy/compliance, forensics, monitoring, and Technology acquisition/RFP during the statewide technology consolidation of Endpoint, Network IPS, Web Gateway, Email Gateway, Vulnerability Assessment, and Encryption.
Hewlett Packard, IT Security Operations - 1 Yr: Participated on a global team to manage privileged access on several thousand servers. Managed project to deploy privileged access tracking software to the HP global community.
Superior Courts AZ, SSO - 8 yrs: Responsible for systems and network security, forensics, policy, etc.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Poached Atlantic Salmon
with Green Peppercorn Ginger Sauce
Seasonal Vegetables and Sliced Baked Potatoe with Parsley Butter
Dessert: Vanilla Ice Cream Taco with Fruit Salsa
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: The Rise of HacktivismISSA Monthly Luncheon: The Rise of Hacktivism
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., Apr 18, 2012
Cost: No Cost - Sponsored by HP Enterprise Security Products Group
Presentation: The Rise of Hacktivism
Sponsored by: HP Enterprise Security Products Group
Based on market-leading products from ArcSight, Fortify, and TippingPoint, the HP Enterprise Security Products Group uniquely enables enterprises to take a proactive approach that integrates security correlation, deep application security analysis, and network-level defense mechanisms, all backed by our best-of -breed range of information security services.
Speaker: Jerry Fraizer, CEH - HP Enterprise Security TippingPoint Solutions Architect
Topic: The speaker will be sharing information related to the groups that are making headlines and causing the alarming, exponential rise of information security related loss to organizations of all sizes. The speaker will cover notable events, firsthand accounts, and the tools and tactics that Hacktivist groups leverage to carry out attacks. In addition the speaker will cover various tools and techniques that can be leveraged by a security professional to prevent, and mitigate the impact of these types of attacks.
Bio: Jerry Fraizer has worked in the information technology industry for over 14 years in various information security and network engineering roles. Jerry has spent the majority of his career as hands on engineer and architect working on large high transaction networks in PCI-DSS and SOX compliant organizations including a division of Ticketmaster and The City of Irvine, California. Jerry is TippingPoint Security Expert #2058, a Certified Ethical Hacker, holds a Cisco CCNP in Routing & Switching, and holds a Cisco CCNP in Security.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Sauteed Shrimp and Chicken
Poha Berry Port Wine Glaze Chicken Breast and Herb Marinated Shrimp with Garden Medley Whole Grain Rice Pilaf and Seasonal Vegetables
Dessert: Refreshing Homemade Sorbets
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Web Application Firewalls - Protecting Your Web Sites and DataISSA Monthly Luncheon: Web Application Firewalls - Protecting Your Web Sites and Data
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., May 16, 2012
Cost: $25 for ISSA members, $30 for non-members
Speaker: Jock Purnell, Owner/Consultant at JPNI and President of ISSA Hawaii
Topic: Web Application Firewalls - Protecting Your Web Sites and Data
Description: Last month you heard about various ways to hack your web sites, and saw how easy it is to do. This month's topic will cover some ways to protect against these attacks using Web Application Firewalls. Traditional Firewalls can block access but they don't check what's in the actual payload. For that, you need something that is Layer 7, Application Aware. Web App Firewalls fit this requirement, and can check and block such compromises as SQL Injections, Cross Site Scripting and so on. Another problem is in keeping CONFIDENTIAL data (social security numbers, account #'s, etc) from being inadvertently dispersed. One way of protecting your web site is to write perfect code, but this is not always possible. Hence, the need for a Firewall that is application aware. So, come and hear how to protect your web sites, and more importantly, the data behind them.
BIO: Jock has 35 years of IT experience as an IBM Senior SE and Consultant with his own IT services based company. His last twenty years have been spent primarily in the Networking and Security areas, and he has worked with most of the medium and large sized organizations in Hawaii.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Chicken Marsala
Boneless Chicken Breast with Mushroom, Shallot, Marsala Wine Sauce on a Bed of Asparagus Risotto
Desert: Macadamia Nut Cream Pie
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: Defending Business EcosystemsISSA Monthly Luncheon: Defending Business Ecosystems
11:30 AM - 1:30 PM
Hale Koa Hotel
RSVP Required!
by 11-AM Wed., June 13, 2012
Cost: $25 for ISSA members, $30 for non-members
Presentation: Organized attacks can effect both large businesses and the smaller businesses they serve. How service providers and their customers can collaborate in 360 degree security solutions.
Speaker: Beau Monday, CISSP GSEC - Information Security Officeer - Hawaiian Telcom
Topic: Recent breeches of personal financial information have been widely publicized as having not only caused the normal concerns and inconveniences to consumers, but real material cost to the banks that have guaranteed the fraudulent transactions to maintain customer confidence despite the limits of their responsibilities. Even the largest banks and insurance companies with the most sophisticated security measure are vulnerable if their merchants and subscribers are unaware of the risk of vulnerabilities to their databases, transaction systems and their responsibility for intensified security.
Who's responsible for security in an end-to-end transaction: examples from the financial services and healthcare industries. Can a small business afford security? Or perhaps the better question is can they afford not to have it? Solutions available for even the smallest business can improve customer confidence.
BIO:
Hawaiian Telcom, Information Security Officer
Hawaiian Telcom's Information Security Officer, Beau Monday is responsible for managing the company's Information Security program.
Prior to joining Hawaiian Telcom, he spent time doing security work for Wells Fargo bank, T-Mobile USA and AT&T Wireless, among others, during an IT career that has spanned over 2 decades.
Beau's industry certifications include the CISSP and SANS GSEC. He is also a contributing member of the Cloud Security Alliance, and was one of the first people in the
world to attain their CCSK certification when it became available in 2010.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Baked Mahi-Mahi Filet
with Tomato Chive Beurre Blanc
on Garlic Mashed Potatoes and Mushroom Zucchini Saute
Dessert: Strawberry Cream Cheesecake
11:30 AM - 1:30 PM
ISSA Monthly Luncheon: State of Hawaii Strategic PlanISSA Monthly Luncheon: State of Hawaii Strategic Plan
11:30 AM - 1:30 PM
Hale Koa Hotel
Presentation: Sanjeev "Sonny" Bhagowalia will provide an overview and update on the State of Hawaii's progress in developing it Business and Information Technology/Information Resource Management Strategic Plan.
Speaker: Sanjeev "Sonny" Bhagowalia
Topic: In September 2011, the state released the first-ever comprehensive assessment of its IT assets, policies, and procedures in a baseline report, which provided the recommendations and findings for the basis of priorities, architecture and projects that will be included in the Strategic Plan. Bhagowalia will also focus on the importance of cyber security and the vigilance required at all levels to protect personally identifiable information (PII), confidential, and sensitive information.
BIO: Sanjeev "Sonny" Bhagowalia is the State of Hawaii's first full-time Chief Information Officer. Since taking on the position in July 2011, he has overseen the publishing of the first comprehensive assessment of the state's information technology systems, applications, policies and procedures. He and his team are now developing the State of Hawaii Business Transformation and IT Strategic Plan, which is scheduled for publication in July 2012. The Strategic Plan will provide the roadmap for the State's information technology modernization initiative, a key component of Governor Abercrombie's New Day Plan.
Lunch Menu:
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Grilled Skirt Steak with Shitake Mushroom Sauce Paired with Crab Cake, Served on Local Style Fried Udon Noodles and Sautéed Zucchini with Tomatoes
Dessert: Vanilla Ice Cream Taco with Fruit Salsa