ISSA Chapter Meeting 1 October 2024:
Opening remarks: Hybrid meeting: Meeting held in-person at ECPI and virtually on Zoom. For questions, please raise your virtual hand or use the chat feature. Charles is attending virtually today. Please give us feedback after the meeting what did you like? What could we improve?
Agenda: Welcome/Membership/Education/Presentation/Business Meeting/Q&A/ Feedback/Adjourn
Organization Chart: This will be changing as elections are coming up!
ISSA-HR Professional Association Benefits: Build professional relationships, stay current on developments in areas of information security/risk/privacy, professional development, education opportunities, (looking forward to our presentation today!) Earn CPE/CEU continuing education credits, (Membership chair can handle CPE/CEU inquiries) learn practical and best practice solutions, career information and employment opportunities
Grow Professionally!:
Whether you’re a pre-professional, entry-level, mid-career, senior practitioner or security leader, ISSA offers strategic resources and guidance to successive career levels.
Membership Annual Cost: Professional (Not a student) $95, Student 30, (Chapter Dues $30) Professional = $125 total, Student = $60– Your company May even reimburse these dues! Does not hurt to ask.
*Select Hampton roads as your chapter
New Members: Welcome: Dan W!
Glad to have you, thank you for joining!
Education: Resources on website, we do now have a separate mentorship program; we are passionate about what resources are out there!
Goals: Provide educational resources, mentorship opportunities, team-building/collaboration, hands-on industry tool familiarization, certification tracking/pipeline
If you want to learn more, reach out to us and we will hook you up
Google Cybersecurity Professional Certificate: Google AI Essentials, offered by Coursera
What you’ll learn: Understand the importance of cybersecurity practices and their impact for organizations; Protect networks, devices, people, and data from unauthorized access and cyberattacks using Security Information and Event Management (SIEM) tools.
Enrollment period: September 9th- November 30th
Enroll for Free! (Financial Aid available)
https://grow.google/certificates/cybersecurity/
NICCS (National Initiative for Cybersecurity Careers and Studies) FedVTE
(Federal Virtual Training environment)
Available for:
Federal government employees and contractors
State, local, Tribal and Territorial (SLTT) government employees
U.S military personnel and Veterans
Publicly Available (select courses):
No cost online cybersecurity training on topics such as cloud security, ethical hacking and surveillance, risk management, malware analysis and more.
FedVTE offers:
Quarterly course catalog for existing and future courses
Courses for all proficiency levels from beginner to advanced
850 hours of training mapped to the NICE framework
Certification prep courses on topics such as ethical hacking, Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP)
The ability to work at your own pace from any computer or mobile device
https://niccs.cisa.gov/education-training/federal-virtual-training-environment-fedvte
Reading List: Blog of the Month:
Capgemini Data Breach: French IT Consultant company hacked for 20 GB of data, a lot of IP,
Fortune 500 company data stolen, unclear on the wholeness of what was leaked.
In September 2024, Capgemini was hit by a significant data breach. A hacker claimed to have stolen 20 GB of sensitive data, including databases, source code, encryption keys, credentials, and employee information. The data breach exposed critical internal files and potentially put many of the company’s global operations at risk.
Key Takeaways:
Scope if the Breach: 20 GB stolen data, affecting Capgemini’s global operations, potentially compromising intellectual property and employee data.
Type of Data Exposed: databases, source code, encryption keys, login credentials, and personal employee information.
Impact:The breach could have far reaching consequences for Capgemini’s clients, to include Fortune 500 corporations and governments, compromising sensitive personal and financial data.
Response: Capgemini has yet to comment fully on the breach but is investigating the incident to assess the extent of the damage and prevent further exposure.
Importance: This breach underscores the growing sophistication of cyberattacks targeting major IT service providers and their global client bases. It also highlights the importance of ensuring robust security measures to protect sensitive internal information, particularly in industries handling sensitive client data.
Social Media Resources:
Zeffy is used for event registrations
Feel free to pitch in and share ideas on our discord!
Discord (QR below), can use QR code, link or search “ISSA-HR” (https://discord.com/invite/Jt3m7TWQzQ)
LinkedIn: great resource to get in touch with us:
Click the QR code (Above), link or search for “Information Systems Security Association – Hampton Roads Chapter” https://www.linkedin.com/company/information-systems-security-association-issa-hampton-roads-chapter/
Website: Be sure to also check out the Meeting recap on the ISSA-HR webpage!
Been blogging on the LinkedIn! Thanks Faith! We love feedback!
https://issa-hr.org/issa-chapter-meeting-6-august-2024/
Meetings and Social Events:
1 October: Austin McKean: Guarding your NFCU: Local Social Engineering Scams
12 Nov: Tal Reznikov: Topic TBD
3 December: Holiday Party and Election results
7 January 2025: Xavier-Lewis Palmer, PhD Engineering (Topic TBD)
Looking for speakers as we look ahead to 2025! As well as in-house backup speakers.
We may be looking for a new meeting program director as our current meeting director Evan is on the ballot for the President position. It’s a great way to have a reason to connect with people, network and invite them to talk for ISSA!
After-Meeting Networking Happy Hour: After ISSA meeting at plaza Degollado. (Around at the corner from ECPI).
Cyber Social at Casual Pint: Wednesday October 30th 5:30-8:30, it’s a great casual (non formal) event, always a good turnout. A great place to network. No current scheduling conflicts for this location. Definitely a good time. Come out for a beer, you can sign up for emails to stay in the know about these events!
Jobs:
Need a job: Type of Job, Elevator Pitch (Value you bring, qualifications, additional info)
Have a Job: Title of Job, basic requirements, contact information
ISSA has a job search page http://iz1.me/XJU31zUSeBV
https://issa-jobs.careerwebsite.com/jobseeker/search/results/
Government Jobs: USAJOBS.gov:
Government job resource: Great resource for fed resumes: Federal Resume Guidebook by Kathryn Troutman (https://www.amazon.com/Federal-Resume-Guidebook-Writing-Featuring-dp-173340760X/dp/173340760X/ref=dp_ob_title_bk)
Best way to get a job is through networking.
Need a Job: If you’re looking for work, now’s your chance to let us know! Let us hear your elevator pitch: an Introduction, summary of what you do: current role and why you are doing well there, relevant experience, explain your value/what problem you can solve, and a Call to action for what you’d want to do next. Whether you are currently employed or just want to practice, now is a great opportunity.
Optionally, for an extra 30 seconds you can add other details such as clearance status, remote, on-site or relocation preference, additional education/certs not already mentioned, and other short details. We can post your email in the chat if you want, we will ensure it gets to the right people.
Justin retired from the military a few months ago, wants to put his kids through college, has worked a wide range of cyber specialities, DLP, SIEM, “Hooligans in the UK cutting fiber” Looking for something in the IT OR Security field, In the military i’ve done just bout everything. I have my clearance (TS) but I would prefer something non DoD. CISSP, A+. Net+. Sec+
Malki (?) ECPI Student, with a software background, looking to branch out, I graduate in May, Working on Security+
Josh Reyes, analyst at NCDOC, CISSP, CysA Cloud, Sec+ Looking for a skill-bridge opportunity, my contact is up next September, not sure if I want o stay in the threat realm or branch into Pentest, plan on taking OSMP next year, Johnnie recommends for this person to get the Spunk stuff. TS/SCI, Johnnie also says NETWORK.
Have a Job:
Job title/Company/Type (Contractor, Government, Private sector, Internship, Full time, Part time)/Requirements (Years’ work experience, Education, Certs, Clearance)/Desired experience, qualifications and any other information desired (keep it short)
Charles (CJ) is looking for two positions for a contract, part of DHS, one is a help desk type, where helping people work with software is the job, pretty low key, all he needs is for you to be able to communicate with people, if you have worked for DHS or any of its components, highly recommended, also has a GIS position, DoD preferable
Johnnie (attending virtually), transitioning into mentorship director chair position, works for SAIC, has gotten many people in there, service desk, a very valuable pivot into the field and a GREAT way to get your clearance! Great learning opportunity.
Monthly Presentation: Guarding Your Navy Fed Credit Union Account: Local Social Engineering Scams
Austin will present to us his experiences with local scams, that has been experiencing a surge in activity. This scam could target anyone with a bank account, but his focus will be on the Navy Federal Credit Union scam that targets our active-duty family members and their families. He will discuss some of his experience and follow on research he did on this scam.
Austin is active duty Navy, started as a SOC analyst, pivoted to Tier II, and progressed into Watch floor supervisor. Austin transferred to the training department and heads the command indoctrination program, lessons learned program, and advancement in-rate training pipeline.
Agenda: Introduction/Statistics/ Social Engineering Basics/ How the Scam Works/ Defending against the Scam/ Becoming Social Engineering conscious.
Austin McKean:
working currently toward OSCP, going through that pipeline, Cyber Warfare Technician (CWT), Five years of Cyber Experience, Led DoD Intelligence Watchfloor, Two Tier II Analyst Teams, CRTT, PCTE, INDOC, LLM, etc.
A Statistical View:
Navy Federal Credit Union (NFCU) services a wide variety of personnel, 13.1 million members, 166 branches on or near military installations, yearly awarded 5 separate BBB awards for Best Military Credit Union, over 74% of members use digital banking through an app or online. In the Hampton Roads area, 150,000 population are DoD personnel, 83,000 being Military.
What is Social engineering: “The Art of replacing what works with what sounds good” – Thomas Sowell
I love that quote so much because it boils things down, (Keep it Simple, Silly) K.I.S.S.
Social Engineering Basics: Social engineering refers to all techniques aimed at talking a target into revealing specific information or performing a specific action for illegitimate reasons.
Key Techniques:
Phishing: a technique for attempting to acquire sensitive data such as bank account numbers, through a fraudulent solicitation in email or website.
Pretexting: is creating a fabricated story, pr pretext, to gain a victim;s trust and trick or manipulate them.
Baiting: a type of social engineering attack where a scammer uses a false promise to lure a victim into a trap.
The Scam:
How Does it Work?: Can be boiled down to a seven step process:
1. Scammer approaches victim
2. Scammer uses pretexting, spins a story to guise the victim to transfer money
3. Victim agrees
4. Scammer and victim try to rectify issue/story with transfer
5. Scammer gains access to victim’s NFCU app.
6. Scammer submits a loan application with falsified information through victim’s account.
7. Scammer transfers proceeds of loan into scammer’s account.
This scam usually occurs in person, involves a false story to evoke emotion or guilt on the victim, encouraging the victim to hand their phone with their open, authenticated Navy Federal app to the scammer.
Q: is this in person interaction?
A: Yes, at least what has been documented, almost always in person, virtually NO cyber skill, “can I talk to that person? can I lie to that person?”
Effects of the Scam:
Over $110,000 worth of damages
Since November 2023 there has been 23 reported cases in Portsmouth alone
Approximately 200 pending cases between CA and FL since June 2024
Austin speaks of a commander he knows, who didn’t divulge much information but did disclose that he was a victim.
Antoni Garza, as reported by WAVY 10 was a victim of this scam:
some of Antoni Garza’s quotes:
“At that point I was right there, they cornered me kind of between my car and their car- The man who was talking to me was talking extremely fast– At that point they were demanding my phone and it was either my life, or my phone.”
Three people had driven up, and he took the opportunity to escape, they were demanding his phone, it was either the phone or his life.
“About two months ago I was filling up at 7/11, an older woman approached me, using pretexting, she spun a story how she was driving up for her late husbands funeral, ultimately to me the ten dollars for gas was well worth the interaction—about three days ago, I came across the same old woman, who had the same story of having to drive to bury her husband.” It can happen to anyone.
Defending against the Scam:
NEVER give someone access to your banking applications/information.
Don’t be afraid to say NO and walk away
If you feel threatened, contact emergency services.
“They have bypassed your authorization, DON’T hand it over, even in situations where there are three people pressing you, try to remember that these people want something from you, in their favor not yours. Navy Federal has stated “if a member is a victim of fraud, they can contact us any time”, however: forewarning, NFCU has said other things, that because you gave that person access to your account, it is on you.”
Becoming Social Engineering Conscious: “Social engineering bypasses all technologies including firewalls.”
Attend training sessions recognizing social engineering tactics and scenarios,
Verify the identity of recipient/sender before divulging information,
Report suspicious activities,
Foster a security-first mindset.
Questions?:
Q: There’s a lot of information you can grab, did you reach out to NFCU directly or?”
A: There’s plenty of Reddit stories of this exact thing happening to others, I checked out the NFCU fact sheet, spoken to a few reps, when I learned legally there is nothing I can do.
Q: What are the demographics of people susceptible to this scam?
A: That’s an interesting question, typically, it almost, all of reported cases have been military members, comes from that short hair, how we carry ourselves, people coming up to gas stations, and running into these sob stories.
I don’t have that information on hand but about 90% have been specifically military members.
It has been seen where non threatening people have pitched sob stories to try to gain access, whether low and slow or fast and mad it could be the same effect.
Q: How did that commander’s experience happen?
A: It was a sob story, mid-20’s late-20’s woman, he has kids and his kids have kids, its a moment of weakness that was exploited, that same ordeal of pulling on the heartstrings. It can come from anybody, that is one of the biggest threats of Social engineering. As long as they are well-versed in psych or be able to fabricate a story.
Q: Is this similar to the notice put out to local commands putting out notices not to go to certain Wawas?
A: it may be linked. People at my command have been victims, people who are supposed to be WELL VERSED in cyber, it can happen to ANYONE.
Q: Have there been other locations they hit?
A: Antoni’s scenario was, he was walking to Planet Fitness, it can happen anywhere in public. A key question is “Do you know where the nearest Navy Federal is?” They ask this to find out if you bank there. Usually, there’s a 74% chance you are using the online apps. Are they focused on certain areas, i’m not sure, from what i’ve seen from reports is it is a widespread thing that can happen anywhere.
Q: Comment– we have had one of our own do a presentation some time ago encouraging us to put a credit lock on their account–Innovas is a great way to freeze your credit, it helps put extra protections talked about in SecurityNow podcast.
Q: A tip most of us should know is you can get a free annual credit report from agencies, you can get data monitoring as well if you ave been victim to any data breach in the last five years.
Evan has been printing coins! This one this month is VB mermaid themed, “Cyber is more than 1’s and 0’s”
References:
https://www.rediit.com/r/VirginiaBeach/comments/1di723q/be_aware_of_the_local_scam_and_tell_everyone/
https://www.navyfederal.org/about/corporate-fact-sheet.html
Thank you Austin!
Business Meeting:
Old business/New business/Membership Updates/Secretary: Meeting Minutes/Treasury Report/Social Media Updates
Old Business: CyberSocial,: lot of great conversations, a great time!
Business (Board) Meeting.
New Business:
Election Committee
Audit Committee
Holiday Party Potluck
Election Committee:
As per Article IV of the ISSA Hampton Roads Bylaws: Election Committee: Johnnie Shubert, Richard Rychlicki
Nominations:
President: Evan Larsen
Vice President: Brian Fannin (Brian has formally withdrawn)
Secretary/COO: Faith Walauskas
Treasurer/CFO: Peter Cook
Johnnie would like to nominate John Bos for vice president, and he wants to express his gratitude for him
Evan has nominated Faith Walauskas for Vice President
Article V: Elections
Bylaws applicable to elections:
SECTION 1: The Officers shall be elected by popular vote, each general member in good standing to be entitled to one vote.
SECTION 2: The Nominating Committee shall consist of two members in good standing as selected by the Officers at the October meeting of each year (we are kicking this off early). Members in good standing may volunteer for this function.
SECTION 3: Elections shall be held during the December meeting of each year. Or as determined by term or moved as needed to accommodate extenuating circumstances such as hurricanes or Covid. When the election must be scheduled outside of December, every effort should be made to schedule as soon as possible. (I.e every other year for 2-year terms.) (See Section 6 below).
SECTION 4: The Nominating Committee Chairman shall prepare and distribute election ballots at least one month prior to the December meeting.
SECTION 5: Election results shall be announced at the end of the December meeting. Or at the beginning of the next meeting.
SECTION 6: The term of office shall consist of two years commencing at the conclusion of the December meeting.
(Hoping to update Section 3 during August 15 business meeting to amend December-held elections)
Election Committee Best Practices:
PREPARE FOR ELECTION:
1. Identify election workforce
2. Find and read the latest bylaws, especially sections on audits, elections and turnover processes
3. Follow the bylaws, have them present in case of questions.
4. Define and record the process particulars then distribute/brief it to membership.
5. Early and frequent request for nominations
6. Request nominations AT EVERY MEETING to attain momentum, enlarge the field and get people involved/talking about it.
7. Determine type of election: Designated or Rolling nominations. Each has advantages and drawbacks. Smaller numbers of nominees normally indicate a rolling nomination.
As usual, if you see something you can contribute to the board, appointed positions can be created!
Audit Committee:
Evan Larsen and Charles Heiden
A report provided:
Evan: has all the files from Peter to audit the Treasury for the last year and a half, he has also been part of the last audit, realized he audited 20/21, 23 and part of 24, not audit but reviewed 2023 as it was not looked at very closely
Did a lot of digging for this information,
Peter has made it very easy to find, did all the math, the in’s and outs matched up
Verifying, we can say the only thing as a super minor hit is one of the receipts had the date cut off the top, it was a pizza receipt, it was easy too look at and work backwards to get that right.
Make sure you capture the date of the receipt please.
2022, covid hit up, we didn’t do an in depth analysis, I did a run over the last four years, we spent a lot of 2022 and did not being a lot in, mostly because of Post-Covid, had a decent income from our classes, then we had covid, we came back afterward, and were still spending like pre-covid, we took a three grand hit between 01/12, it was a reality check, shows why early in 2023 we kept buying food, but we didn’t have enough revenue to continue covering that.
Sponsorship is still in the works, Holiday party is the big spender,
“it’s underway”.
Recap, pre covid, during covid, still post CISSP class we taught, we were losing money on this. Will say this year we are doing well, we are in the positive due to watching our spending/
Summary, running the numbers, all in all, we gained money in 2020, we are coming back, we didn’t spend much in 21, burned a lot in 2022, halfway through realized we were burning too hot and now we are coming back, in the last five years we have lost 3 grand.
Our spending habits, broken down in percentages, holiday party is the biggest expensive we have. When we are making good money with classes, sponsorship, of course lets have a good holiday party, its just excessive at this time.
If you or your company can help out in sponsor, you may be owed that, (membership reimbursement?)
nothing too excessive, that’s a four, 5 year spread of where we are spending our money.
Peter is churning up ideas for a way ahead next year.
If we go back to an easy sponsorship, companies could pay for food, we had that back in 2021,
so all in all nothing, the big negative, review our spending habits, I missed the days when we were doing classes, we had enough money that we were giving scholarships to students at science fairs, I want to get some money in so we can do cool community stuff again.
As we sit down and figure out sponsorship, we will be asking everybody’s help in any capacity.
Peter: I really like what Evan did with it, combined with what Evan put together I went to another association i’m a member of, who does a pay projection for the year. This is awesome, very well put together, we are going to try to get to 5000 and then we need to make what we are spending, we are working really hard to come up with sponsorship, have looked up other companies, want to do more outreach, we just have to earn it, and leave the money there as a cushion, each new two year elected official, should leave the same amount when elected officials are done as when they start.
Johnnie is interested in kicking back off a CISSP study group, Has been an instructor at universities, wants to put that on the table.
It’s a really big commitment,
Evan: when we did it we provided a lot of notes,
Johnnie just got his CISSP, he has current stuff,
we want to get sponsorships year-to-year, Peter knows a company who sponsors ISSA Raleigh.
Rick has a client who may be interested if they can present,
Peter has put together a proposal, Tiers, something like that could work under a certain tier.
Vote to record audit report: motioned, recorded.
CJ: id love to say your report did really well, My excel was really messy, now i’m like Man, I concur with everything you said, it was really easy to find all the right receipts, I was dreading it because I had ever done it before but I could match everything up.
Bylaws applicable to audit:
Section 7: The Treasurer will also work with the auditors, either prior to or right after the board elections every two years to complete a full audit, even if the same person remains as the Treasurer.
Section 5: An Auditing Committee consisting of two members in good standing and/or a qualified accountant shall be appointed by the President at the September meeting of each year (we are kicking this off early in the August meeting). These individuals shall not be Officers. The responsibility of the Auditing Committee shall be to examine all financial records of the Chapter and provide a report of its findings and recommendations to the membership at the December meeting prior to elections (this is to me amended). This report shall be in writing and shall be maintained as part of the permanent records of the Chapter.
Conferences:
MSSN CTRL 2024, Arlington, VA, October 2-4, $200 https://www.mssnctrl.org/
VASCAN Conference 2024, Williamsburg VA, Oct 10-11 $150 https://vascan.org/
REGISTRATION ENDS TODAY 1 OCT 2024
Hack the Railroad: Columbia Maryland, October 23-24 $0-$300 https://thetac.tech/hack-the-railroad-2024-conference
Free if you are student, government, military, virtually attending
ShmooCon, The LAST ShmooCon ever, Tickets go on sale Nov1st-Dec1st, they will GO FAST Washington DC, Jan 10-12 $175 https://www.shmoocon.org/
We love to volunteer at local conferences! Great way to network, garner interest in our chapter. Some of the best networking opportunities compared to merely being a guest. We are always looking for people!
Membership Update:
Number of members: 49
Last meeting: 11 members, 8 visitors in attendance
If you are expired/expiring, be sure to renew your membership to remain in good standing!
September 10h Meeting Minutes: Meeting recap on website:
https://issa-hr.org/issa-chapter-meeting-10-september-2024/
Presentation Speaker: Orantes Blanks: My Crypto Theft: protecting your crypto assets in a digital world
Old Business: Cyber Social @ Casual Pint July 24, possible Bsides involvement with DC757
New Business: Board meeting, Election Committee
Treasurer Report Balance: $4,463.60 recorded.
Treasurer Report:
Balance: $4,329.15
TRYING to get to $5,000, trying to put up with the BOA fees for being under 5k
The sunshine fund income ($55) has not been included in this report, Johnnie has to look back in his Zelle transactions.
Holiday Party: had talked about a few places, Causal Pint, etc, the final vote was we were going to do a potluck at Cybrex HQ, which has now become books from October through the end of the year, since CP was the only other option, seems to have defaulted back to Casual Pint, can we still do that?
There was a fee? Did we have a budget Evan: 200 for room and food, I would recommend an initial 200, to be 400, consider 200 as a reservist . Recommend we get approval of 400 from the masses.
HOA was 500 just to reserve the room which doesn’t make a reservation on the room
Vote for budget approval, then gentleman’s agreement, appetizer,
Mike: The way holiday party has worked in the past, mike and his wife put together a menu in accordance with the budget, if we can do CP for 200-400, still provide shareable for everybody, if some guy takes five plates, smack him-0–
Peter: 400 sounds pretty reasonable, something like tickets? Maybe charge for the tickets? I’d be up for $15 if that sounds reasonable, if you bring a plus one, you can cover them too.
Vote for budget approval of 400 to be used at CP on 3rd of December then figure out how we can earn extras: 0 oppose
Is is board members vote only? No anybody, only a couple things are board only
Peter: I propose $15 dollar tickets, we can figure out the details later
Vote for 15 for members, 20 for non-members; anyone who joins (new member) FOR the party will get in free: No opposition
Motion to hold holiday party at Casual pint: 2 voted I
WE WILL COORDINATE THIS
2024 Events Calendar:
Social Media:
Email Addresses: This will be updated post elections!
Sunshine Funds: Johnnie wants to donate the same amount of $ he donated last month, ($10) he has been referred to a Network Engineer position, the interview went great! They wanted someone who could get MCSE MSCA in the next 6 months, Johnnie has them, even though they are expired, but that goes to show how old those systems are, (0K 5% travel, the interview went amazingly well! 80 minutes after the interview Hr called and offered the job. They sent the offer letter, Johnnie never got the offer letter, HR informed him they could not send him offer letter until he accepted position.
Adjourn:
After Meeting: Networking Happy Hour @ Plaza Dellogado
Please give us feedback!: What did you like? Recommendations for future meetings? What could make your experience better?
Send your feedback to President @ ISSA-HR. Org
You must be logged in to post a comment.