Calendar of Events

Upcoming Events

ISSA-LV Chapter Meeting – November 14, 2018


ISSA-LV Chapter Meeting

Wednesday November 14, 2018 from 11:30 AM to 1:00 PM PST

Incident Response Maturity Modeling, Frameworks, and Areas of Focus

Abstract: At the heart of all security operations, Incident Response is the playbook by which we all handle our security operations and efforts. Please join us in our next ISSA meeting where My-Ngoc Nguyen, Elliot Lewis and Steve Bonilla will lead an interactive discussion with the ISSA members on:

• The various aspects of maturity modeling for Incident Response

• How the Incident Response frameworks of today are evolving

• Primary areas of focus that need to be looked at to keep IR up to date and effective in today’s IT operations.


ISSA-LV Chapter Meeting

Tuesday August 7, 2018 from 11:30 AM to 2:00 PM PDT

Join us for our Annual Security Week meeting. 

Elliot Lewis, VP ISSA LV, and President/Chief Architect of Lewis Security Consulting, will be presenting an overview of the cyber-security technology trends that have emerged from RSA Conference 2018 in April, and what to watch for in the cyber-security industry and investigate at Blackhat Conference 2018 in Las Vegas this week.  We will discuss what technologies are emerging, changing positions, and other features that appear to be losing effective over time.


ISSA-LV Chapter Meeting

Wednesday July 11, 2018 from 11:30 AM to 1:00 PM PDT

How not to get burned when it’s Cloudy: Best Practices for Network Security in Public Cloud

 

Abstract:

Application & DevOps owners are rapidly building & migrating new applications using PAAS and IAAS solutions from AWS, Azure, GCP and others.  Public Cloud represents a shared responsibility for security around ones network security controls, IAM, data protection and threat detection & mitigation.  Native cloud controls do exist, but are limited in their scope and vary from cloud to cloud.   Understanding both the capabilities and limitations of the cloud SDN and native controls are critical to navigating your journey & migration in to the cloud.

Come learn best practices on how to utilize the native cloud SDN and security controls and compliment those functions with 3rd party security tools.  Attendees will learn best practices on how to work with AWS, Azure and GCP Cloud Native Networking & Security functions to interoperate with Network Virtual Appliances for insertion & service chaining of additive security controls in the public cloud.

 

Greg’s bio:

Greg Pepper has been an IT professional for 15+ years with expertise in Security, Networking & Cloud Computing.  Initially working for Sony Online Entertainment, Price Waterhouse Coopers & Organic, Greg has spent the last 15 years working for Cisco & Check Point helping customers to design, plan and implement secure networks throughout the Internet Edge, Campus Backbone, Data Center and Cloud Environments.  Currently a Head of Cloud Security Architects for Check Point, Greg focuses on Software Defined Data Centers working with customers and partners to secure Software defined solutions with in Amazon Web Services, Microsoft Azure, VMware NSX, Cisco ACI and OpenStack.

 


ISSA-LV Chapter Meeting

Wednesday April 11, 2018 from 11:30 AM to 1:00 PM PDT

Applying AI & Machine Learning to Solve *Actual* Security Problems

AI holds tremendous promise, but a learning curve exists for many. How have organizations put AI and machine learning to use to more efficiently identify threats?  How have security leaders used AI to improve certain security processes?  What are reasonable ROI expectations for any AI initiative?  This session will focus on real-world AI successes and failures and lessons learned along the way.  Although a ton of hype exists around AI and machine learning but there are promising case studies involving AI and security in the field. My background in application security has exposed me to early AI implementations. I hope to cut through much of the puffery to provide attendees a foundation for understanding AI, where AI can be put to use, and how to measure success of security projects involving AI.

John Dickson

Principal

John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd. He has nearly 20 years hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSO’s) of Fortune 500 companies and government organizations launch and expand their critical application security initiatives. His leadership has been instrumental in Denim Group being honored by Inc. Magazine as one of the fastest growing companies in the industry for five years in a row.

A former U.S. Air Force officer, Dickson served in the Air Force Information Warfare Center (AFIWC) and was a member of the Air Force Computer Emergency Response Team (AFCERT). Since his transition to the commercial arena, he has played significant client-facing roles with companies such as Trident Data Systems, KPMG and SecureLogix Corporation.

Dickson is a popular speaker on security at industry venues including the RSA Security Conference, the SANS Institute, the Open Web Application Security Project (OWASP) and at other international security conferences. He is a sought-after security expert and regularly contributes to Dark Reading and other security publications. He also regularly contributes to the Denim Group blog where he writes about key security industry issues such as software security and cyber security policy. A Distinguished Fellow of the International Systems Security Association, he has been a Certified Information Systems Security Professional (CISSP) since 1998.

Dickson is currently the Chairman of the San Antonio Chamber of Commerce Cyber Security Committee where economic development, workforce and advocacy issues involving San Antonio’s growing cyber security industry are coordinated. Dickson is also a member of the prestigious Texas Business Leadership Council, the only statewide CEO-based public policy organization that serves as a united voice for the state’s senior executives to participate in the legislative and regulatory process. Most recently, he was the past Chairman of the Texas Lyceum, a leadership group that prepares leaders for the State of Texas and served as Chairman of the North San Antonio Chamber of Commerce. He also served as the local President of the Information Systems Security Association and was an honorary commander of the 67th Cyber Space Wing which organizes, trains and equips cyberspace forces to conduct network defense, attack and exploitation.

He holds a Bachelor of Science degree from Texas A&M University, a Master of Science degree from Trinity University and a Masters in Business Administration from the University of Texas in Austin. Dickson resides in San Antonio, Texas where he is married with two children.

 


ISSA LAS VEGAS CISSP REVIEW COURSE

Save the Dates:

The Las Vegas ISSA Chapter is offering its CISSP Review Course.  The dates will be February 24, March 3, March 10, March 17, and March 24. Each class will be 9-5.  Breakfast and Lunch provided.
All the CISSP Domains will be covered by local Security Experts.
Save the Dates!

Call for CISSP Mentors

The Las Vegas Chapter of the Information Systems Security Association (ISSA) has begun its call for mentors for the Winter 2018 session of the Certified Information Systems Security Professional (CISSP) review course.

If you are interested in being a mentor for the group, please reach out to our Education Director at education@lvissa.org with your interest. As a mentor, you may earn CPE credits towards your own certification by presenting to the chapter’s students.

As a mentor, you do not need to be a current member of the Las Vegas ISSA. You do need to be qualified as an expert in your field and in the subject you wish to mentor. Existing CISSPs are preferred, but other qualifications may apply in lieu of the CISSP.

Classes are scheduled for: February 24, 2018, March 3, 2018, March 10, 2018, March 17, 2018, and March 24, 2018.

We are seeking mentors to cover each of the 8 current CISSP domains as illustrated in the attached outline. Below is a brief description of each domain:


 

ISSA-LV Chapter Meeting

Wednesday January 10, 2018 from 11:30 AM to 1:00 PM (PST)

The internet has become the defacto source for doing business, both legitimate and malicious. Whether you’re communicating with colleagues, buying items, or just reading the current news, chances are you’re using the internet. But not every place on the internet is intended to be good. In fact, a section often described as the underbelly of the internet provides marketplaces for criminal actors that ply their trade in illicit wares. This section of the internet has been labeled the darkweb or darknet. Join Hayden Williams as he provides an overview of the darknet and how it’s being used together with social media websites by the criminal element to steal your data.

Hayden Williams is an accomplished security leader with over twenty years of experience in information technology and cyber security in the federal, public, and private sectors. Hayden currently serves as Senior Manager and Team Lead for the Verizon Threat Research Advisory Center (VTRAC). In this role, he leads and conducts cyber forensic investigations, provides incident response assessments/guidance, and assists large corporations with improving their overall cyber security posture. Prior to working for Verizon, Hayden was a Special Agent with the Department of Defense where he investigated Cyber and espionage-related matters that spanned the globe.


ISSA-LV Quarterly Meeting – How enterprise organizations use CSA data to evaluate cloud vendors’ security

Wednesday November 8, 2017 from 11:30 AM to 1:00 PM (PST)

How enterprise organizations use CSA data to evaluate cloud vendors’ security

For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many. Jim is helping shape the future of information security and related technology industries as co-founder, CEO and driving force of the Cloud Security Alliance. Jim has been named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com.

Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, governments, large enterprises and other organizations on the implications of new trends such as Cloud, Mobility, Internet of Things and how to take advantage of them. Jim founded SecurityPortal, the Internet’s largest website devoted to information security in 1998, and guided it until a successful exit in 2000. Jim has been an advisor on the launch of many industry ventures that have achieved a successful M&A exit or IPO. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration. Jim received a B.A. in Business Administration / Computer Science from Western Washington University in 1987 and formerly served on WWU’s alumni board. Jim was recognized as a WWU Distinguished Alumnus in 2015. In 2016, Jim was inducted into the Information Systems Security Association (ISSA) Hall of Fame.


ISSA-LV Quarterly Meeting – Weaponizing the World

Tuesday, July 25, 2017 from 11:30 AM to 1:30 PM (PDT)

Weaponizing the World

In the 21st century, the gadget orientated world around us fills our lives with convenience and wonder. These magical times are filled with awe-inspiring wizardry; however, we very rarely pull back the curtain to see that there is no wizard present, but in fact a wide range of benign tools that can be weaponized. Join Aaron Crawford of the Insider Security Agency as he leads a discussion about the process of weaponizing every-day devices that can be found around the office to aid in his various red team engagements. Having successfully conducted red team engagements on nearly every continent Aaron demonstrates that it is easier to think inside the box for the win. At no other time is this evident than this talk as Aaron unveils an entirely new and unstoppable attack vector.

As a certified security professional with over 20 years of experience in the IT/IS industry, Aaron Crawford eats, sleeps and continually drinks from the security fire hose. This passion for IT and Security lead him to form the Insider Security Agency while also serving as Proficio’s Senior Information Security Engineer. In his spare time, he runs Squirrels In A Barrel, an independent training and learning resource for the Security industry.

His fascination with Social Engineering led him to form the World Championship of Social Engineering. A global Social Engineering capture the flag contest that allows participants to learn and safely practice Social Engineering, within the world’s largest Social Engineering sandbox. Alongside with his work on social engineering Aaron can also be found serving as the founder of the Skeleton Crew scholarship for DefCon.

Professionally known as one of the most proficient and successful Social Engineers, Aaron can be found creating new technologies and techniques to further the field of Social Engineering and speaking about them where ever he can.


Please find slides from the speaker here

ISSA-LV Quarterly meeting – Beating the Resume Robots & The Shifting Cyber Security Education Paradigm

Wednesday, April 12, 2017 from 11:30 AM to 1:00 PM (PDT)

Beating the Resume Robots & The Shifting Cyber Security Education Paradigm

It is an exciting time to work in cyber security with so many different cyber career paths to choose from, a variety of cyber security certifications, new cyber talent entering the field, and yet so much opportunity to shift the cyber security recruiting and hiring education paradigm. How do you make sense of it all and build a resume that beats the robots? The presenter spent six (6) long years living inside REDDIT, in the HR / Recruiting forums, writing down every resume tip and explanation of how these resume robots operate to better understand the system. This presentation will examine several unique and innovative ways that you can beat the resume robots, develop better HR partnerships, and build synergy to bridge the cybersecurity resume/talent gap to shift the cybersecurity education paradigm.

  1. Introduce my cyber background, cyber mission and current cyber priorities
  2. Explain the contextual landscape of the state of Cyber Security resumes and education (the chain reactions that are driving cyber security hiring and education)
  3. Dive into the evolution of cyber security combat (the current state of hacker for hire services, nation states and extinction level attacks that are driving cyber security awareness and education)
  4. Explain the current state of cyber security recruiting, hiring, resume robots, and Applicant tracking systems (including the state of Human Resources recruiting, applicant tracking systems, resume robots, and how it all works)
  5. Dive into the cyber resume robots and cyber education paradigm shift by looking at the current and future state of ‘Experiential layer‘ cyber security awareness and education
  6. Open the floor to Q&A

Matt Heff has been stopping cyber criminals since 1998. In January 2016, Heff joined Sands Corp as their Senior Manager of Global Cyber Security – responsible for training, awareness, and developing their world-class cyber security team. This includes the Venetian and Palazzo Resorts in Las Vegas, in addition to properties globally from Macau to Singapore and now Pennsylvania. He trains and develops a variety of Sands cyber security professionals on a variety of subjects including cyber security Operations, Digital Forensics Investigations, Cyber Strategy, Governance & Risk, Vulnerability Management, Penetration Testing, Incident Response, Security Architects and Engineers. In addition, he develops and promotes cyber security awareness for 60,000+ team members worldwide.

Most recently, he spoke on “Counter Intelligence and Insider Threats” at the December 2016 Department of Homeland Security Corporate Security Symposium. In January of 2017, Heff presented at the Winter ICT Conference on “Building Synergy and Partnerships between Academia and Industry” In April 2017, Heff will be presenting at the Las Vegas Camp IT Conference, and he is also scheduled to give the keynote at the 21st Colloquium For Information Systems Security Education in May 2017.

Prior to joining Sands Corp, Heff developed and facilitated cyber security awareness programs as well as corporate learning and development programs for TJ Maxx / Marshalls, Caesars Entertainment, and General Electric. Heff comes from a family of educators & trainers, growing up in a house where the family dinner conversations revolved around the best methods for teaching and educating students and adults. He is passionate about combining academia in partnership with industry to develop programs which ensure the next generation of cybersecurity warriors are combat ready & can successfully defeat the cyber criminals.


ISSA LAS VEGAS CISSP REVIEW COURSE
(Feb 18, 2017 – Mar 18, 2017)

Due to popular demand, The ISSA Las Vegas Chapter is offering a second preparatory course this year for individuals who are planning to take the (ISC)2 CISSP certification exam and for those who just want to learn more about information security. The course will take place every Saturday – February 18th, February 25th, March 4th, March 11th, March 18th.  Registering for the first class will cover all 5 classes.  The purpose of this review course is to review each of the 8 CISSP certification domains and better prepare you to take the CISSP exam. This course is offered at a minimal cost to our chapter members and is subsidized by vendor partners. It is a low cost alternative for those wishing to expand their information security knowledge.

WHO SHOULD ATTEND?
Anyone who has at least one year of experience in an Information Security (InfoSec) department or will be employed in the near future in some type of InfoSec capacity; anyone with a college degree or equivalence; anyone preparing to take the CISSP exam administered by (ISC)2 (www.isc2.org) or anyone who wants to learn more about information security.

COST:
The cost of the entire course is $40 for ISSA members and $70 for non-members.
Payments can be made through Eventbrite and must be paid in full to reserve your seat. There’s a limit of 30 students. Additional requests may be placed on standby in case of an opening. Please register at Eventbrite:

MATERIAL:
Each Participant will be responsible for purchasing his/her own Study Guide. All presentation slides will be provided to the student prior to the class in electronic format. Please print them if you need a hard copy.

Click here for the recommended study guide


ISSA-LV Quarterly meeting – Purposeful Wanderings in a Cyber Career

Wednesday, January 11, 2017 from 11:30 AM to 1:00 PM (PST)

Purposeful Wanderings in a Cyber Career

Professionals in any field are wise to consider the stepping stones of career growth. This conversation will explore information security experiences in various cities, organization sizes, and industries. Hear one security leader’s perspective on the maturing profession, and how to become a valued player anywhere. Then join discussion with your peers of how to excel in different environments – locally or anywhere.

Michael St. Vincent is Chief Information Security Officer at The Cosmopolitan of Las Vegas supporting the overall IT risk management program for the luxury casino and resort. St. Vincent joined The Cosmopolitan in May 2015, spearheading initiatives such as information security strategy and direction, implementation of security policies and standards and shaping the use of tools and processes for technology compliance and legal leaders, in addition to working across the business spectrum to ensure appropriate controls of technology supports.

With more than two decades of experience as a leader within his field, St. Vincent’s expertise lies within developing, implementing and leading information security programs in financial, defense industry, ISP, and hospitality organizations. Having led information security projects in Canada, Chile, Columbia, India, the United Kingdom, and across the United States, he has an awareness of the limitations and advantages of various cultural settings, risk profiles and management styles.

Recognized as an ISSA Fellow, an exclusive group of nominated industry leaders and philanthropists, his passion for developing security mindsets has included collaborating on industry research and presenting at events as diverse as board meetings, professional conferences and regional security events.

St. Vincent holds an MBA, has been an active Certified Information Systems Security Professional (CISSP) since 1998 and maintains additional certifications as CISA, CISM and CRISC. He has served on the SANS GCIA Advisory Board, Microsoft’s CSO Council, Metro Nashville Mayor’s Information Security Advisory Board and in several local information security related groups, providing support to encourage a stronger profession. In his personal time, he devotes time to supporting youth development programs locally, nationally and internationally including community service and leadership development activities.


ISSA-LV Quarterly meeting – Betting on the Cloud, and Winning

Wednesday, November 9, 2016 from 11:30 AM to 1:00 PM (PST)

Betting on the Cloud, and Winning
Adoption of the cloud is not only attractive for its technical prowess, but is becoming a competitive necessity.  Companies not only have the challenge of determining how to best leverage the cloud, but more importantly how to secure it in absence of the traditional defined network perimeter.  By focusing on the data, a new security model can be built based on Access Control, Data Encryption and Encryption Key Custodianship.  This new security model can be applied on both on-premise and public/private workloads, allowing enterprises to confidently embrace a multi-cloud workload strategy.

Gorav Arora works in the CTO office of Gemalto’s Identity and Data Protection business.  An IT professional for over 15 years, Gorav started his career in startups and large organizations around Silicon Valley, getting hooked to delivering many world “first” solutions. He has a broad background ranging from development of silicon-chips to large scale software systems.  Recently, his accomplishments have been focused on building solutions that ensure organizations stay ahead of the latest threats to their digital assets.  Gorav holds an MEng degree from McMaster University, where he specialized in computer vision and distributed architectures.


ISSA LAS VEGAS CISSP REVIEW COURSE
(Sep 17, 2017 – Oct 15, 2016)

Due to popular demand, The ISSA Las Vegas Chapter is offering a second preparatory course this year for individuals who are planning to take the (ISC)2 CISSP certification exam and for those who just want to learn more about information security. The course will take place every Saturday – September 17th, September 24th, October 1st, October 8th, and October 15th.  Registering for the first class will cover all 5 classes.  The purpose of this review course is to review each of the 8 CISSP certification domains and better prepare you to take the CISSP exam. This course is offered at a minimal cost to our chapter members and is subsidized by vendor partners. It is a low cost alternative for those wishing to expand their information security knowledge.

WHO SHOULD ATTEND?
Anyone who has at least one year of experience in an Information Security (InfoSec) department or will be employed in the near future in some type of InfoSec capacity; anyone with a college degree or equivalence; anyone preparing to take the CISSP exam administered by (ISC)2 (www.isc2.org) or anyone who wants to learn more about information security.

COST:
The cost of the entire course is $40 for ISSA members and $70 for non-members.
Payments can be made through Eventbrite and must be paid in full to reserve your seat. There’s a limit of 30 students. Additional requests may be placed on standby in case of an opening. Please register at Eventbrite:

MATERIAL:
Each Participant will be responsible for purchasing his/her own Study Guide. All presentation slides will be provided to the student prior to the class in electronic format. Please print them if you need a hard copy.

Click here for the recommended study guide


ISSA-LV Quarterly meeting – Other soldiers play war games. Why not cyber warriors?

If you are in Las Vegas during Black Hat, you are invited to lunch and hands-on training presented by the ISSA Las Vegas Chapter and the Arizona Cyber Warfare Range (AZCWR).

When:   August 2, 2016 (Black Hat Registration Day)

11:30a-1:00pm – lunch and presentations,

1:00pm-4:00pm –  training

Where:  SWITCH InNEVation Center, 6795 Edmond Street, 3rd Floor, Las Vegas, NV 89118  Innevation, powered by Switch

The Las Vegas ISSA Chapter is proud to announce we will hold a joint lunch meeting/training day with the Phoenix ISSA Chapter-sponsored Arizona Cyber Warfare Range on August 2, 2016, from 11:30am-4:00pm, with lunch and presentations from 11:30am-1:00pm.

The event will include presentations by Rich Larkins (ISSA Phx), Frank Grimmelmann (ACTRA) and Brett L. Scott (AZCWR) in addition to hands-on hacking exercises using the AZCWR Mobile Impression Lab.

The Arizona Cyber Warfare Range (AZCWR) is a non-profit organization that hosts a 24×7 live fire cyber warfare range available for use by the public to develop a continuous improvement process for cyber warfare and security. Areas of focus include computer network attack, defense, and digital forensics.  The AZCWR hosts live fire exercises for beginners through real world operations, with ranges to match the skill levels and education of students, with capability for upward progression into the real world of cyber warfare.  If you are interested in finding out more about the AZCWR, including how to join and develop your skills, please visit http://azcwr.org
A special thanks to AZCWR for the donation of their time and knowledge, and to the InNevation Center for the donation of the meeting space and continued support.
We hope to see you there for a great afternoon of networking with your peers, learning, and network hacking!

There will be a very limited number of workstations set up for hands-on exercises.   If you want to participate using your own system, please be prepared with Kali 2.0 in a virtualized or disposable environment before the meeting.

Recommended setup:

Hardware:   Minimum – 2 cores and 4GB RAM.   Recommended – At least an i3 or i5 level system with 8GB of RAM

Networking:  Gigabit Ethernet RJ45 interface (wireless may be available, but will be_much_slower)

OS:   Any OS capable of running FireFox and Kali 2.0 in a virtual environment such as Oracle VirtualBox (Win or Linux) or Parallels for Mac.


The Las Vegas Chapter of the Association of IT Professionals has extended its member pricing for the upcoming April 2016 Presentation – “Head in the Cyber sand – Why Small Businesses need Security” to the members of the Las Vegas ISSA Chapter.

Register here

Wednesday, April 27, 2016 from 5:30 PM to 8:00 PM (PDT)
Sierra Gold
6515 South Jones Boulevard
Las Vegas, NV 89118


Please find slides from the speaker here

Find the Verizon Data Breach Digest here

ISSA LV Chapter Quarterly Meeting – Understanding Data Breaches

Wednesday, April 20, 2016 from 11:30 AM to 1:00 PM (PDT)

Understanding Data Breaches:  A look at the Verizon Data Breach Digest

Many data breach victims believe they are isolated in dealing with particularly sophisticated tactics and never before seen malware – we’ve seen otherwise. To us, few breaches are unique. Our research suggests that, at any given time, the vast majority of incidents fall into a small number of distinct scenarios and, as such, there’s an enormous amount of commonality in cyberattacks. We’ve leveraged the Vocabulary for Event Recording and Incident Sharing (VERIS) framework and our extensive data breach investigation cases to produce the Data Breach Digest. The Data Breach Digest and its 18 scenarios illustrate how data breaches work and together prescribe a recipe for prevention, mitigation, and response. This presentation will discuss the Data Breach Digest, specifically how the scenarios contained within will help you identify important sources of evidence and ways to quickly investigate, contain and recover.

Hayden Williams is a Senior Security Consultant with Verizon Business Investigative Response Team. In this role, he responds to cyber-related security incidents, conducts on-site incident response capability assessments, and performs forensic activities for the various digital forensic investigations he performs. Prior to working for Verizon, Hayden performed cyber investigations for the Department of Defense as well as held various IT jobs in the public sector. Hayden has over 19 years of IT experience, the last 10 years focused on digital forensic and IT security.


Joint-Association Mixer Event

The Las Vegas Chapter of the Association of IT Professionals has extended its member pricing for the upcoming January 2016 Mixer at Pot Liquor Town Square to the members of the Las Vegas ISSA Chapter.

The event will be held on Wednesday January 27 2017 from 5:30pm – 8:00pm at Pot Liquor CAS at Town Square (Located across from Yard House), 6587 South Las Vegas Blvd, Las Vegas NV 89119. You may use the following Eventbrite link to register:

https://www.eventbrite.com/e/aitp-january-2016-mixer-pot-liquor-town-square-tickets-20353376497

We hope to see you there!


Please find slides from the speaker here

ISSA LV Chapter Quarterly Meeting – Tor

Wednesday, January 20, 2016 from 11:30 AM to 1:00 PM (PST)

Gaming Laboratories International
7160 Amigo Street
Las Vegas, NV 89119
The Onion Router, also known as Tor, is both a software and network used to anonymously access the web. Although praised by many privacy advocates and journalists worldwide, it remains controversial due to it being a gateway to the dark web. This presentation will focus on the tool’s operation, network logistics and cover recent issues surrounding it.
Emilie St-Pierre is a part-time security consultant and full-time cybersecurity student at the College of Southern Nevada. As an information security enthusiast, she co-hosts a local podcast on the subject and is fond of promoting education and discussion on issues in her field.

ISSA LAS VEGAS CISSP REVIEW COURSE

The ISSA Las Vegas Chapter offers an annual preparatory course for individuals who are planning to take the (ISC)2 CISSP certification exam and for those who just want to learn more about information security. The course will take place January 30th, Feburary 6th, Feburary 20th, Feburary 27th, and March 5th.  Registering for the first class will cover all 5 classes.  The purpose of this review course is to review each of the 8 CISSP certification domains and better prepare you to take the CISSP exam. This course is offered at a minimal cost to our chapter members and is subsidized by vendor partners. It is a low cost alternative for those wishing to expand their information security knowledge.

WHO SHOULD ATTEND?
Anyone who has at least one year of experience in an Information Security (InfoSec) department or will be employed in the near future in some type of InfoSec capacity; anyone with a college degree or equivalence; anyone preparing to take the CISSP exam administered by (ISC)2 (www.isc2.org) or anyone who wants to learn more about information security.

COST:
The anticipated cost of the entire course is $40 for ISSA members and $70 for non-members.
Payments can be made through Eventbrite and must be paid in full to reserve your seat. There’s a limit of 30 students. Additional requests may be placed on standby in case of an opening.

MATERIAL:
Each Participant will be responsible for purchasing his/her own Study Guide. All presentation slides will be provided to the student prior to the class in electronic format. Please print them if you need a hard copy.  The Board also recommends CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide 7th Edition


ISSA LV Chapter Appreciation Luncheon

Wednesday, December 16, 2015 from 11:30 AM to 1:00 PM

Fogo de Chão Brazilian Steakhouse
360 East Flamingo Road
Las Vegas, NV 89169

In appreciation of your dedication to the Information Security practice and your membership in the ISSA Las Vegas Chapter, we would like to invite you to our Annual Appreciation Holiday Luncheon.


Please find slides from the speaker here

ISSA LV Chapter Quarterly Meeting – How to make a pen tester’s work hard.

Wednesday October 7th, 2015 from 11:30 AM-1:15 PM

Gaming Laboratories International

7160 Amigo St.

Las Vegas, NV 89119

Come join us for our quarterly Las Vegas ISSA chapter meeting – networking and education all in one!
This quarter our presentation will be from an experienced pen tester about the top things an organization can do to make his (and other pen testers’) jobs more difficult – and as a result, make your organization more secure.  Expect practical takeaways and an inside look at how pen testing really works.
We look forward to seeing you there!

Patrick Kiley, B.S. Economics, GXPN, GPEN, GAWN, GCIH, CISSP, CCSP, MCSE- Senior Security Consultant

Patrick has over 15 years of information security experience working with both private sector employers and the Department of Energy/National Nuclear Security Administration (NNSA).  While he was with the NNSA he built the NNSA’s SOC and spent several years working for the Nuclear Emergency Teams in Nevada, where he held a TS/SCI and DOE Q clearance.  He also spent some time as the lead security engineer for Caesars Entertainment.  Patrick is a contributor to the Metasploit Framework and has developed innovative methods for attacking wireless networks.  Patrick got his bachelor’s degree in Economics and and holds several SANS GIAC certifications, he is also a CISSP.  Patrick was also one of the first people to receive the Advanced Penetration Testing and Exploit development (GXPN) certifications from SANS.  Patrick has several years of experience in security engineering as well as penetration testing and exploit development.