ISSA-HR Chapter Meeting 9 April 2024
Opening remarks: Meeting held in-person at ECPI and virtually on Zoom. For questions, please raise your virtual hand or use the chat feature. Please give us feedback after the meeting what did you like? What could we improve?
Agenda: Welcome/Membership/Education/Presentation/Business Meeting/Q&A/ Feedback/Adjourn
Organization Chart:
ISSA-HR Professional Association Benefits: Build professional relationships, stay current on developments in areas of information security/risk/privacy, professional development, education opportunities, Earn CPE/CEU continuing education credits, learn practical and best practice solutions, career information and employment opportunities
Whether you’re a pre-professional, entry-level, mid-career, senior practitioner or security leader, ISSA offers strategic resources and guidance to successive career levels.
Membership Annual Cost: Professional (Not a student) $95, Student 30, (Chapter Dues $30) Professional = $125 total, Student = $60
*Select Hampton roads as your chapterNew Members: <> four new members from March, welcome Anthony, Christine, Jacob, Patrick, sorry if I missed anybody, Anthony is here ! Lots joined from out meeting and social events, thank you and welcome!
Education: Resources on website, we do now have a separate mentorship program; we are passionate about what resources are out there!
Goals: Provide educational resources, mentorship opportunities, teambuilding/collaboration, hands-on industry tool familiarization, certification tracking/pipeline
Free certification and Training:
Purdue University Northwest (PNW) Free Online Cybersecurity Workforce Certification Training: Roland himself has done this program! Can pick different levels. Can Google it or reach out to get more info.
Hatch Apprenticeship Program: 6-month software engineering apprenticeship program offered by Twilio for anyone interested in cybersecurity, normally entry level courses that can progress (On the Job type training) with a chance to be hired.
https://www.twilio.com/en-us/company/diversity/hatch
Reading List: Blog of the Month: “Panera Bread Ransomware Attack (March 2024)”
In March 2024, Panera Bread, a popular bakery-cafe chain in the United States, experienced a week-long disruption caused by a ransomware attack. The attack encrypted critical data and applications, hindering various aspects of their operations. Panera Bread’s website, mobile app, and in-store kiosks became inaccessible or malfunctioned, affecting POS systems, employee schedules and customer service phone lines. No one has yet claimed responsibility. The Panera Bread ransomware attack highlights the growing threat cyberattacks pose to businesses. It emphasizes the importance of robust cybersecurity measures, data backups, and transparent communication during such incidents. https://www.bleepingcomputer.com/news/security/panera-bread-week-long-it-outage-caused-by-ransomware-attack/
New Social Media Resources:
Zeffy is now used for event registrations, we sent an email out if you are signed up for those
with Eventbrite, we were limited a certain number of sign-ups as well as they have begun to charge for the service. Eventbrite is still being used.
Feel free to pitch in and share ideas on our discord!
Discord (QR below), can use QR code, link or search “ISSA-HR” (https://discord.com/invite/Jt3m7TWQzQ
LinkedIn: great resource to get in touch with us:
Click the QR code (Above), link or search for “Information Systems Security Association – Hampton Roads Chapter” https://www.linkedin.com/company/information-systems-security-association-issa-hampton-roads-chapter/
Be sure to also check out the Meeting recap on the ISSA-HR webpage! Been blogging on the LinkedIn! Thanks Faith! We love feedback!
Chapter Meetings and Social Events:
2 April: L. G., (Ally Cyber Investigations LLC): Real-World OSINT Applications
7 May: Alex Reid, former Navy Red Team, NRT Tool Developer: An overview of some recent tool developments
4 June: Talking with potential speaker (TBD)
6 August or 10 September: Looking to set up Potential Live fire event (Noon-5PM), Evan is taking the time to reach out to Infraguard too (?)
Potential FBI Speaker will be attending the InfraGard event on the 11th
Looking for speakers for 2024 and in-house back-up speaker: please reach out to the ISSA Meeting program Director: Evan Larsen (see email list at bottom) if interested or have a purpose speaker. Evan also wants to do a recap/summary of the tracelabs event, he is looking for three more people to join his team, twenty bucks a ticket, Tracelabs is doing a CTF based on real-world cold-case missing people. You get points finding information. Ken is one of the judges/senior coach so we have a bit of an inside track. (DON’T bug him too much) If interested visit the site tonight and buy a ticket:
https://www.tracelabs.org/initiatives/search-party
They do them once a quarter (Used to do them once a month)
Cyber Social: April 24th 5:30-8:30, it’s a great casual event, always a good turnout. No expectations, great place to network. Definitely a good time. Be advised we will not get the side room this time, we will be there, come out for a beer, we might (weather permitting) be able to be outside You can sign up for emails to stay in the know about these events!
After-Meeting Networking Happy Hour: After ISSA meeting at plaza Degollado. =Around at the corner from ECPI
Jobs: Have a job/Need a job: ISSA has a job search page http://iz1.me/XJU31zUSeBV
https://issa-jobs.careerwebsite.com/jobseeker/search/results/
Government Jobs: USAJOBS.gov: Government job resource: Great resource for fed resumes: federal resume Guidebook by Kathryn Troutman
Best way to get a job is through networking, as always.
Who is looking for a job:
Patrick is looking for something fulltime, he works in the government as a GS.
Evan is “casually looking” has his PMP, CISSP, Clearances, experience as a PM. Looking for more technical role, he finds it boring, company is great (Millennium), if anybody knows any technical roles—certified also in scrum master
Need a Job: If you’re looking for work, now’s your chance to let us know! Let us hear your elevator pitch: an Introduction, summary of what you do: current role and why you are doing well there, relevant experience, Explain your value/what problem you can solve, and a Call to action for what you’d want to do next. Whether you are currently employed or just want to practice, now is a great opportunity.
Optionally, for an extra 30 seconds you can add other details such as clearance status, remote, on-site or relocation preference, additional education/certs not already mentioned, and other short details. We can post your email in the chat if you want, we will ensure it gets to the right people.
Have a Job:
Job title/Company/Type (Contractor, Government, Private sector, Internship, Full time, Part time)/Requirements (Years work experience, Education, Certs, Clearance)/Desired experience, qualifications and any other information desired (keep it short)
Evan Looking for motivated folks to join the team
Johnnie (Not here) Works at SAIC, who are also a great starting point
Monthly Presentation: Real-World OSINT Applications
This presentation explored the concept of online footprint and how the information we share online can have lasting consequences.
The speaker, L.G., a cyber investigator with over 30 years of experience, shared real-life examples from his career to illustrate this point.
Here are some key takeaways:
Think before you post: Information you share online can be used against you in the future, even seemingly harmless things like pictures or social media profiles.
Be mindful of your email address: Email addresses can reveal a surprising amount of information about a person.
Use strong passwords and be careful about clicking on links: This can help protect yourself from online scams and identity theft.
There are resources available to help: L.G. mentioned his book, “The Truth Behind Social Networking,” which offers guidance on staying safe online.
The presentation also included a Q&A session where L.G. addressed audience questions about search engine bias, data brokers, and online privacy tools. Remember, the internet is a powerful tool, but it’s important to use it responsibly. By following some basic security practices, you can minimize your risk and protect yourself from online dangers
Business Meeting:
Old business/New business (Mentorship program, Conference Participation)/Secretary Meeting Minutes/Membership Updates/Treasury Report/Social media Updates
Old Business: Social Event, Casual Pint March 27th, Mentorship program, Mentorship Chair: Desmond Graham
New Business:
ISSA Mentorship Program: Lead by Desmond Graham
Conferences
Volunteer Events: Volunteer Events: What would members like to participate in? Who can volunteer to lead?
Mentorship program:
Desmond is reaching out to schools in the area, if interested in mentoring please let us know
Conferences:
Cybersecurity Roadshow: April 18th in Richmond VA: starts at $0 https://publicsectornetwork.com/event/government-cybersecurity-roadshow-virginia/
5th Annual Digital Forensics for National Security Symposium: March 11th in National Harbor, MD: $0-$1290 https://digitalforensics.dsigroup.org/
HammerCon 2024: May 16th in Laurel MD: $0-$50, https://www.eventbrite.com/e/hammercon-2024-3rd-annual-national-convention-of-the-mcpa-registration-787154780137
Gartner Security & Rish Management Summit: June 3rd-5th in National Harbor MD: $3825-, https://www.gartner.com/en/conferences/na/security-risk-management-us
RVASEC: June 4th-5th in Richmond VA: $375-, https://rvasec.com/
TECH YEAH Conference: June 19th-20th in Morgantown WV: $0-(DoD $199), https://www.techyeahconference.com/techyeah3
TECHSPO 2024: July 1st-2nd in Washington D.C.: $0-, https://techspowashingtondc.com/register/
BSides Roanoke 2024: July 12th in Roanoke VA: Pricing unav. At time of writing, used to be free. If you want to guarantee getting in for free, or after tickets are no longer available, volunteer! https://bsidesroa.org/
DC Metro Cybersecurity Summit: July 18th in McLean VA: $195-$250, https://cybersecuritysummit.com/summit/dcmetro24/
DISA J6 Cyber Awareness Forum 2024: July 25th in Alexandria VA: $Free, but DoD only. https://www.fbcinc.com/event.aspx/Q6UJ9A01YF2W
Black Hat USA 2024: August 3rd-8th in Las Vegas, NV: $1,895-, https://www.blackhat.com/us-24/
DEF CON 32: August 8th-11th in Las Vegas, NV: $300-, https://forum.defcon.org/node/248358
March 5 Meeting Minutes: Meeting recap on website:
https://issa-hr.org/issa-hr-chapter-meeting-5-march-2024/
Presentation: Barbara Cosgriff with Threat Modeling- A Practical Approach
Business Meeting: Chapter updates including Tidewater Engineering Fair, mentorship program updates, Conferences, Income and Sponsorship Committee,
$4,256.97 recorded.
Treasurer Report:
Balance: $4346.65
2024 Events Calendar:
Social Media:
Email Addresses:
After Meeting: Networking Happy Hour @ Plaza Dellogado
Please give us feedback!: What did you like? Recommendations for future meetings? What could make your experience better?
Send your feedback to President@ISSA-HR. org
Income and Sponsorship Committee: Our numbers are dwindling so we are trying to figure out how to get back to $5,000.
Thank you all!
You must be logged in to post a comment.