Dear Chapter Members,
Below is the agenda for September’s ISSA New England Chapter Meeting. This
meeting will be offered jointly in connection with the Boston Chapter of InfraGard
(http://www.infragard-boston.org/).
Please R.S.V.P. at the ISSA-NE website: www.issa-ne.org.
SEPTEMBER 9 ISSA NEW ENGLAND CHAPTER MEETING
DATE: Tuesday, September 9, 2008.
LOCATION: The MITRE Corporation, 202 Burlington Rd. (Rt. 62), Bedford, MA
01730-1420 (directions below).
THEME: Joint meeting with InfraGard.
AGENDA:
12:30 p.m. – 1:00 p.m. Registration
1:00 p.m. – 2:00 p.m. Freedom of the Cyber Seas – What History Can Teach
Us About Cyber Security Policy
Aaron Turner, Relationship Manager for the Idaho National
Laboratory (INL), Technology Transfer and
Commercialization Division
2:00 p.m. – 2:20 p.m. Opening Remarks
Boston InfraGard President
Donna Chase, ISSA NE President
2:20 p.m. – 3:20 p.m. Update on the Commonwealth Fusion Center
Major Dermot J. Quinn, Massachusetts State Police,
Commonwealth Fusion Center
3:20 p.m. – 3:35 p.m. Break: Refreshments
3:35 p.m. – 4:35 p.m. Vendor Presentation: Don’t Tell Me What, Tell Me Who:
Correlating User Identity to Threat Information
Chris Meile, Director, Systems Engineering, Q1 Labs Inc.
4:35 p.m. – 4:45 p.m. Wrap-Up
Donna Chase, ISSA NE President
QUESTIONS: Email vp@issa-ne.org.
Important: To ensure you don’t miss any emails from ISSA NE, please update your
spam filters to allow emails from donnalchase@comcast.net. I will be using this email
address to send ISSA New England-related notifications.
ABSTRACT: Freedom of the Cyber Seas - What History Can Teach Us About
Cyber Security Policy
To be announced.
BIOGRAPHY: Aaron Turner
Aaron Turner is the Relationship Manager for the Idaho National Laboratory (INL)
Technology Transfer and Commercialization Division. In his role, Aaron works with
laboratory researchers, government program leaders, and technology companies to
identify cutting-edge lab research that can be integrated into commercially-viable
products and services. Aaron also manages an intellectual property portfolio that
focuses on information security technologies for the critical infrastructure, mobile
computing, and wireless communications markets. Aaron joined INL in 2006 as the
Cyber Security Strategist for the National & Homeland Security division and applied his
experience in information security to collaborate with control systems experts, energy
management engineers, and homeland security/law enforcement officials to develop
solutions to the cyber threats that our critical infrastructure is currently facing. Before
joining INL, Aaron worked in several of Microsoft's security divisions for seven years -
including as a Senior Security Strategist within the Security Technology Unit as well as
the Security Readiness Manager for Microsoft's Sales, Marketing, and Services Group
where he led the development of Microsoft's information security curriculum for over
22,000 of Microsoft's field staff. Aaron has been an information security practitioner
since 1994, designing security solutions and responding to incidents in more than 25
countries around the world.
ABSTRACT: Update on the Commonwealth Fusion Center
At our joint ISSA-NE/InfraGard meeting in 2005, Analysts from the Commonwealth
Fusion Center talked to us about the mission and plans of a new organization. From its
website: "The Fusion Center seeks to become a central point for gathering threat
related information, specifically in regard to suspicious incidents that may initially appear
isolated but may actually be part of a larger criminal enterprise." When they spoke to us
last, the organization was only about a year old. Since then, the organization has grown
and changed: Major Quinn will bring us up to date.
ABSTRACT: Don’t Tell Me What, Tell Me Who: Correlating User Identity to Threat
Information
Insider threats, compliance violations, policy break-downs, and general malicious
activity are detected all the time by your security devices. But how do you investigate
an IP address . . . particularly in large distributed environments?
Binding user identity to the threats detected in your environment enables you to answer
the questions “Who is attacking my network?" and "Who is out of compliance?".
Learn how to correlate user identity sources with network and security event data:
• Shortens time to problem resolution
• Provides greater accuracy in detecting the insider threat
• Improves user accountability
• Simplifies tracking down threats in large distributed environments.
DIRECTIONS TO VENUE:
Directions to ISSA-NE September 9, 2008, Meeting
The MITRE Corporation
202 Burlington Rd. (Rt. 62)
Bedford, MA 01730-1420
(781) 271-2000
Directions can be found at: http://www.mitre.org/about/locations/bedford_map.html.
The meeting will be held in S building in the 1S100 Auditorium so plan to come in
through the S Lobby. There is parking in front of K building. If that lot is full, there is
usually plenty of space in front of D building.
Very important - please note the following before registration:
Attendees must show a picture ID for entry.
If you are not a US Citizen and plan to attend the meeting, you must email
info@issa-ne.org for a visitors badge to be prepared.
There is a fee of $40 for non-members: This will be waived for anyone activating
an ISSA trial membership when entering the meeting.
Members of InfraGard, who are not members of ISSA-NE, must register through
InfraGard to avoid a non-member meeting fee.
Opportunities:
New England Information Security Forum
Date: September 8 - 9, 2008
Venue: Boston Convention & Exhibition Center, Boston, MA
Details: www.ianetsec.com/forums/event_summary.html?label=45
Join IANS for the 8th Annual New England Information Security Forum on
September 8 - 9, 2008, at the Boston Convention & Exhibition Center in Boston,
MA.
Information Security Forums are unique two-day events that offer tangible, real-
world insights to practicing experienced information security executives and
professionals. Based on IANS’ innovative and confidential peer-to-peer
discussion format, Forums emphasize tactics and real-life experiences rather
than theories and academic studies. Forum attendees receive 16 CPE credits
and IANS’ famous 60-page Summary of Findings following the Forum.
ISSA New England Chapter members receive a $495 discount off the registration
fee. Register at https://www.regonline.com/NE08. Enter code ISSA.
The Executive Women’s Forum
Date: September 16 - 18, 2008
Venue: Sheraton Wild Horse Pass Resort, Phoenix, AZ
Details/Registration:
http://guest.cvent.com/EVENTS/Info/Summary.aspx?e=0e02632d-dfd3-4281-
a1b3-50eff240e13b
Join your peers at the 6th annual Executive Women's Forum being held at the
Sheraton Wild Horse Pass Resort. The 3-day event provides an opportunity for
high-ranking female information security practitioners to discuss the best
practices in information security, risk management, and privacy and earn up to
17 CPEs.
Discovering convergence solutions and trends in international threat
landscape.
Exploring emerging technologies and workforces.
Learning best practices for managing risk and protecting privacy.
Networking with industry experts.
Finding out how to get appointed to Boards of Directors.
Learn from industry experts, attend topic specific workshops, and receive
professional development coaching. Register today and enter the ISSA Code
EWF123 to receive a 10% discount.
Take Our Certification Survey!
We have posted a 10-question, anonymous survey to solicit feedback from
Chapter Members on certifications: Should the Chapter offering certification-
related training? If so, training for which certifications? What type of training
format do you prefer? Please let us know what you think by visiting the following
URL to take the short survey:
http://www.surveymonkey.com/s.aspx?sm=O8ai7jkFCjW2zL2wPBN7GQ_3d_3d
Because the survey is anonymous, we cannot respond directly to you. So, if you
have questions, comments, or suggestions that you would like to share directly
with us, feel free to email us. Refer to http://www.issa-ne.org/directors.php for a
list of Board members and their email addresses. Thanks for your feedback!
50% Tuition Discount on SANS @Home Courses!
SANS offers a 50% tuition discount to all ISSA Chapter Members who register to
take any SANS course delivered over the web via SANS @Home. To obtain the
50% tuition discount, ISSA Members should use the group discount code:
COINS-AH.
Upcoming SANS @Home course:
Audit 423: SANS Training for the CISA Certification Exam
Tuesday, September 16, 2008 - Tuesday, December 2, 2008.
Register at https://www.sans.org/athome/details.php?nid=11528
10% Discount on SANS System Forensics Training
Beginning on September 23, 2008, SANS Mentor Evan Wheeler will be leading
Security 508: SANS System Forensics Training again in Boston. ISSA members
can receive a 10% discount on this training by entering the “SecOrg” code at
registration. For complete course details, please click on
https://www.sans.org/mentor/details.php?nid=12904.
Upcoming ISSA New England Chapter Events:
October 22: Forensics Educational Event, Waltham, MA.
November 12: Chapter/Annual Meeting, Stow Acres, Stow, MA.
December 10: Round Table, Verizon, Waltham, MA.
OUR 2008 SPONSORS:
Aveksa – www.aveksa.com
CA – www.ca.com
Cisco Systems - www.cisco.com
Eset – www.eset.com
Identity Engines - www.idengines.com
Q1 Labs – www.Q1labs.com
Qualys – www.qualys.com
Savant Protection - www.savantprotection.com
Secure Computing – www.securecomputing.com
Sophos – www.sophos.com
SSH Communications Security – www.ssh.com
Symantec – www.symantec.com
Tizor - www.tizor.com
Top Layer – www.toplayer.com
Donna Chase, CISA, CISSP
Information Systems Security Association
President, New England Chapter
Email: donnalchase@comcast.net