Phoenix ISSA Newsletter Q3 2013

Transcription

1 Phoenix ISSA Newsletter Q Q President s Message 2013 is half over and Phoenix ISSA has enjoyed some great meetings with more to come. Our Q3 meeting was our best attended meeting of the year. We had four great presentations, give-aways from the chapter and sponsors and we even raffled off two trips to the 2013 ISSA International Conference in Nashville, Tennessee. Thanks to all who organized and presented. These are the type of quality meetings Phoenix ISSA strives to deliver. We hope the variety, professionalism, and new perspectives shared at our meetings make your jobs a little easier. We have three upcoming events that you will want to mark on your calendars and attend: ISSA-Infragard joint meeting - The joint event will feature three speakers on the connection between Cyber-Security and National Security. (3 CPEs) September 19, 1:30-4:30pm at the AZ Dept of Emergency Management's Russell Auditorium (5636 E McDowell Road, Phoenix, Arizona 85008). Free to members Q4 Chapter meeting - theme is Act (4 CPEs) October 9, 11:30-5:00 at ITT Tech (5005 S Wendler Dr, Tempe, AZ 85282). Sponsors include FishNet, eplus Security, Websense and ITT Tech. Free to members Inside this issue President s Message Cont Q3 Meeting...2 Security Trivia...2 Q3 Meeting Continued Schola rships...3 Security Trivia Answers...4 Upcoming Events...4 Phoenix ISSA Conta cts Phoenix Security a nd Audit Conference..5 Goals a nd Objectives...6 Sponsors...6 Websites Phoenix ISSA Website

2 Q President s Message Continued 2013 Phx Security and Audit Conference (#PhxSAC) - joint conference with Phx ISACA and IAA (7 CPEs) October 22, 8:00-5:00 at Desert Willow Conference Center (4340 E Cotton Center blvd, Phoenix, Az ) $40 members, $100 non-members (until Aug 31) 7 Tracks: Soft Skills, IT Audit, Mobile Technologies, Hackers & Threats, Hot Topics, Securing the End User, Risk Management 2 Keynotes, CISO Rountable, LiveFire Range We hope you can join us. Thank you for participating and helping us grow the information security community. Regards, Aaron Computer Security President, Phoenix ISSA 1. Which of the popular operating systems is virtually most secure? 2. Which type of attack do hackers use to gain information from you without the use of specialized computer programs? 3. Which service was originally designed for network administrators to work remotely on different computers in their network but is now mostly used by malicious hackers? Q3 Meeting was about Security Detection Presentations: Evolution of Wire Fraud Mike Kirby II Director of Security Services at Fidelity Information Services (FIS) Abstract: Whether we know it or not, malicious software has changed our world. It has impacted us personally, within the organizations we work for, our financial institutions, and even our laws. I will discuss recent events that have shaped the changes in the banking industry and how they impact us as security professionals and consumers. 2

3 Q3 Meeting Continued Using Log Correlation to Detect Network Security Incidents Bert Hayes, Solutions Engineer at Splunk Abstract: There are a handful of infrastructure logs that are considered the absolute bare minimum to monitor for signs of network security incidents. I'll describe what these resources are and how log correlation can detect compromised systems. I'll identify additional logs that can then be used after an incident to conduct a more thorough investigation Phoenix ISSA Scholarships The scholarships have been decided upon by the board and will be awarded at the next quarterly meeting. Implementation of a Log Correlation Tool Vauda Jordan, Lead Security Engineer at the City of Phoenix Abstract: There is no doubt the benefit of a log correlation tool, and more and more organizations are making the move to purchase such a tool, but what does it take to implement? Just like the Curious Case of Benjamin Button, a log correlation tool starts out as a sluggish, slow start to gather all of the information and implement. And in the end, it still needs the care and feeding of a newborn baby. This is reality when implementing a log correlation tool in a fast paced and rapidly changing organization. The tool must be implemented and integrated into the organization s infrastructure and processes, and constant change to infrastructure and processes require constant changes to the tool. Over the past 3 years, the City of Phoenix implemented such a tool I ll present the good, the bad, and the ugly of the implementation. Compliance Mandates, Insider Threats, and the Need for Secure Audit Stephen Helm, Product Marketing Specialist at Safenet, Inc. Abstract: Breaches are rampant and more frequent than ever before. Threats come from both inside and outside the organization. Organizations need to assume that attackers can circumvent their perimeter defenses, and take steps to protect their data assets in the event of a breach. However, the job is not done. The threat of insider attacks poses another challenge to security. High integrity audit logs, which provide a clear view into who did what, when, are increasingly being required by compliance initiatives. In this session, learn how secure audit logging can be used to mitigate the threat of insider attacks, and support the larger goal of Securing the Breach. 3

4 Trivia Answers 1. Linux. OS security is a very important aspect to think about when purchasing your computer. Today, many computers, that are not specially designed, are shipped with Windows 8 or Windows 7, although it is highly recommended that users switch to Linux systems. This is because these systems are not only more affordable (many of them are completely free), but there are only a limited number of viruses written for these systems, so the risk of you getting a virus while using a Linux system is definitely lower than if you were using a Windows computer. 2. Social Engineering. Yes, it is possible for skilled hackers to gain important information from you without using specially programmed software. This type of attack is called Social Engineering, and it is basically a situation in which the hacker tries to gain your trust and then uses that trust against you. 3. Telnet. Telnet is a specialized service which was originally used by network administrators, although these days, there are many other uses for it, such as connecting to a web-server and spoofing (providing fake) information about yourself. Upcoming Events ISSA Quarterly Meeting Theme: Act Tuesday October 8, :30 AM 5:00PM ITT Technical Institute, Tempe, AZ SDSUG Sonoran Desert Security User Group August 14, :45 AM 4:15 PM University of Advancing Technology (UAT), Tempe, AZ ISSA Web Conference: Mobile App Security Issues Tuesday, August 27, :00 AM 11:00 AM ISSA-Infragard Joint Meeting: Cyber-Security meets National Security Thursday, September 19, :30 PM 4:30 PM Russell Auditorium, Arizona Division of Emergency Management 5636 E McDowell Road, Phoenix, Arizona More details to come on the website. ISSA Web Conference: Big Data Tuesday, September 24, :00 AM 11:00 AM More details to come on website. Arizona Technology Summit Wednesday, September 25, :00 AM 5:00 PM Phoenix Convention Center (South Ballroom) Details & registration at Register using ISSA without the quotes Phoenix Security and Audit Conference Tuesday, October 22, :00 AM 4:30 PM Desert Will Conference Center, 4340 E Cotton center, Phoenix AZ Details and registration: 4

5 2013 Phoenix Security and Audit Conference This year's conference will be bigger, better, and more flavorful. ISSA, ISACA, and IIA are partnering as hosts (yes, we're covering the entire Security & Audit worlds), pulling from a total membership count of over 1,600. We're hosting seven or more professional tracks and expecting 350 attendees, over 100 from our 2012 conference. Preliminarily the tracks are: Soft Skills IT Audit Mobile Technologies Hackers & Threats Hot Topics Securing the End User Risk Management It's technical and it's high-level. It's packed with everything you need to know about the latest security risks impacting organizations and how to prepare and audit. You will take away practical implementation guidance and lessons learned from top-notch presenters and regulators. And the networking is unmatched. Phoenix ISSA Contacts President Aaron S. Carpenter Vice-President Rich Larkins Secretary Ilene Klein Treasurer Dee Ramon Sponsorship Director Kathy Doolittle Program Director Anne-Marie Olson (AMO) Communications Director Pat Wilson Membership Director Kurt Schmeckpeper 5 Web Director Jenner Holden

6 Phoenix ISSA Mission Statement The mission of the Phoenix ISSA Chapter is to provide a forum for the education of information security to its members through presentations and open discussions on topics important to the members and the information security industry. Phoenix ISSA Goals and Objectives The goals and objectives of the Phoenix ISSA Chapter are to: Offer products and services that deliver value to members (website, newsletter) Enhance its members professional growth Maintain the ability to provide expert and high-quality speakers at chapter meeting Support the enhancement of the credence and legitimacy of the information security profession Support ISSA s objective to establish itself as the leadership voice of the profession Increase Membership Encourage local information security professionals to attend chapter meetings and join ISSA Encourage existing members to spread the word about ISSA Develop correspondence to recruit new members and sustain existing members Conduct membership drives Continually identify ways to improve the Phoenix ISSA Chapter initiatives Support ISSA s endorsement of the CISSP Establish relationships with similar associations in Phoenix Conduct annual survey to identify the ongoing interests and needs of the members and the industry Make effective use of funds through budgeting Provide the foundation for an ongoing chapter for many years to come THANKS TO OUR SPONSORS FOR THE THIRD QUARTER OF 2013