Hi [[ session.user.profile.firstName ]]

SCIPP International

  • Date
  • Rating
  • Views
  • Let's talk about Cyber-security Standards of Practice with Fred Cohen
    Let's talk about Cyber-security Standards of Practice with Fred Cohen
    Fred Cohen, PhD. CEO of Management Analytics, Recorded: Oct 18 2018 79 mins
    This webinar, hosted by ITPG Secure Compliance and Certification Training, will be a practitioner oriented conversation about the latest Cyber-Security Standards of Practice and adoption models for CEOs and Information Security professionals . We will be joined by our guest contributor, Fred Cohen.

    Fred Cohen, in the mid 80s, created a Protection Posture Assessments methodology. It is available as open source in all.net and presents the Options and Basic components of standards of practice for enterprise information protection. The model provides overarching and specifics surrounding what we currently view as a reasonable and prudent approaches to addressing information protection for enterprises.

    ITPG Secure Compliance, a Cyber Security Boutique in Northern Virginia will be joined by Fred Cohen, to answer key questions for CTOs, CISOs, CIOs, Security Engineers, Analysts, and all other stakeholders interested in the topic of Cyber-security best practices.


    Fred Cohen has a long history of being ahead of the curve. He first defined the term "computer virus" and the invented most of the widely used computer virus defense techniques, led the team that defined the information assurance problem as it relates to critical infrastructure protection, did seminal researcher in the use of deception for information protection, is a leader in advancing the science of digital forensic evidence examination, and has been a top flight information protection consultant and industry analyst for many years. Along the way, he has started, grown, exited, and assisted in scores of companies, including Advanced Systems Protection, Mangement Analytics, Fred Cohen & Associates, Security Posture, The Radon Project, Fearless Security, TechVision Research, the Monterey Incubator, Can Do Funds, Angel to Exit, and many others.
  • When Biometrics Simply Don't Cut It
    When Biometrics Simply Don't Cut It
    Ehab Samy, Vice President of Product Management for Plurilock Recorded: Oct 10 2018 61 mins
    Identifying a user through fingerprints, facial recognition or iris scanning is simply not enough for today's digital age. Join us to learn about the shift from point-in-time identification to behavioral biometrics and how it is impacting today's workforce. Ehab Samy, Vice President of Product Management for Plurilock, will explore game-changing practices in continuous authentication and identity management to control access to physical spaces, applications, and government services.
  • Cracking the Human Factor problem: Sims, games & data
    Cracking the Human Factor problem: Sims, games & data
    Bora Aytun Co-founder, CEO, MAVI Interactive Recorded: Oct 4 2018 51 mins
    Data-driven integration between Phishing Sims and game-based information security awareness training.

    In this webinar you will learn:
    •Why Phishing Sims didn’t turn out to be the silver bullet to bring down the Human Factor problem in Information Security.
    •Root cause analysis: Why people fail, and how cognitive neuroscience of learning can affect much-needed behavior change.
    •The behavior modification cycle: The process, and why accurate skills assessment is essential.

    You will also see a quick demo of the integrated solution: “Keepnet Labs” and "Info-Sentinel" training mini-games. Q/A Session to follow.

    Mr. Aytun is a 30-year veteran of building technology-based solutions, including B2B product development for the TV broadcast industry, TV and video production, software product development, and in the last decade, game development for training and education. He has been serving the corporate and government training space as the CEO of MAVI Interactive since 2008. MAVI's key contribution to the training industry is making immersive skill development products accessible by all, removing the prohibitive cost barriers.

    MAVI's approach is to develop award winning immersive training systems with modular data structures that can reliably deliver engaging skill development scenarios as well as data-driven performance evaluation. All their solutions are based on Natural Learning Principles, designed to “train the brain” and affect behavior change.

    MAVI's latest integration between Phishing Simulations (Keepnet Labs) and information security behavior modification mini games (multiple-award-winning "Info-Sentinel" series) completes the behavior modification cycle, essential for reducing the Human Factor issues with information security.”
  • Build Your Cyber Budget for 2019: Part 1
    Build Your Cyber Budget for 2019: Part 1
    Jerry Caponera, VP of Cyber Risk Strategy Recorded: Aug 16 2018 35 mins
    Choosing cyber vendors and balancing budgets can be a challenge. We want to help cut through the clutter and show how we build a cybersecurity budget and identify spending needs an organization needs to immediately address. This is a two-part webinar series where you will learn how to approach the cybersecurity budgeting process (as well as see common mistakes to avoid) and how to build your own cyber budget. We will offer a budget plan worksheet to guide you along the way and share best practices and takeaways.
  • Making Cybersecurity Matter to Business -  A conversation with Pete Herzog
    Making Cybersecurity Matter to Business - A conversation with Pete Herzog
    Pete Herzog, Managing Director at ISECOM Recorded: Jul 26 2018 55 mins
    In early 2000, the Open Source Security Testing Methodology Manual (OSSTMM) was released with the primary objective of improving how the enterprise conducted security testing. Key sections of this methodology include operational, human, physical, wireless, telecommunication, and data network security testing. Today, OSSTMM is widely regarded as a methodology for penetration testing world-wide, offering a standard approach to conducting security testing.

    Frank Shirmo of ITPG Secure Compliance, a Cyber Security Boutique in Northern Virginia will be joined by Pete Herzog, the creator of OSSTMM, to answer key questions, and provide clarifications on OSSTMM for CTOs, CISOs, CIOs, Security Engineers and Analysts, and all other stakeholders interested in the topic of security testing.
  • Artificial Intelligence - Internet of Things : Cybersecurity Perspectives
    Artificial Intelligence - Internet of Things : Cybersecurity Perspectives
    Dr. Shawn P. Murray, President, Murray Security Services & Consulting Recorded: Jun 14 2018 75 mins
    Artificial Intelligence (AI) is quickly gaining recognition as a viable method to increase successful problem solving, advance research in areas that exceed human capabilities and are automating menial processes to increase efficiency and productivity in expediential time. In the future, your interface with a human doctor may be limited, as AI gains more prominence in the medical industry diagnosing patients and determining levels of care. AI is being used to develop humanoids for companionship and is providing additional conveniences that are starting to alarm some organizations. There is a sense that the pace of AI is growing so fast that it may be impacting areas that are not getting the attention required to address various risks. Cybersecurity issues continue to arise regarding the integration of AI in computer systems, network and software platforms and the growing advances in IoT devices. As various industries invest in AI technology, CIOs, CISOs, researchers and manufacturers need to be working together to ensure cybersecurity and other safeguards are being considered in the design phase before allowing AI technology into the computing environment.
  • How Cyber (measured in dollars) Earns a Spot on the Risk Register
    How Cyber (measured in dollars) Earns a Spot on the Risk Register
    Jerry Caponera is the VP Cyber Risk Strategy at Nehemiah Security Recorded: May 17 2018 47 mins
    Cyber has yet to be fully integrated into the suite of business functions and monitored risks within most organizations. GRC is the mechanism to align cyber and the business, but it’s current state is not sufficient. Governance hierarchy is ineffective (CISOs reporting to the CIO or COO), Risk leveraging ambiguous risk measurements, and Compliance mistaken as security. Moving forward, Governance must be redefined, making CISOs business leaders, reporting to the Board. Risk should leverage traceable data to measure in a common business language. Compliance should be the baseline for security initiatives, not the end goal. When these initiatives can be achieved, GRC will transform cyber into a business enabler.

    Jerry Caponera is the VP Cyber Risk Strategy at Nehemiah Security where he leads the effort to quantify cyber risk in financial terms. Prior to Nehemiah he founded PivotPoint Risk Analytics which focused on cyber risk quantification through value-at-risk modeling and simulations. Jerry has a broad background in cyber, having worked for incident response, malware analysis, and services companies. He has spoken at a number of conferences worldwide including ISS World MEA in Dubai, InfoSecurity Russia in Moscow, and TM World Forum in Nice, France. He holds an MBA from the University of Massachusetts, an MS in Computer Science from the University of Pennsylvania, and a BS in Electrical Engineering from the University of Buffalo.
  • Is Threat Hunting the Next Frontier: Separating the Hype from the Reality
    Is Threat Hunting the Next Frontier: Separating the Hype from the Reality
    Dr. James Stanger Chief Technology Evangelist, CompTIA Recorded: May 3 2018 78 mins
    One of the more interesting-sounding job skills today is that of the “threat hunter.” Let’s talk about the activity of “threat hunting,” and deconstruct it a little bit. The idea behind threat hunting is to proactively look for adversaries and for traces of their activity. So, is threat hunting all that it’s cracked up to be? Is looking for trouble really the best approach today? It’s very possible that the one key element of threat hunting is one fundamental assumption: That you’ve already been hacked, but you just don’t quite realize it yet. In this presentation, James will discuss the benefits and drawbacks of “active defense,” and where it fits in with other security activities.
  • GDPR and you! Perfect together....?
    GDPR and you! Perfect together....?
    Joshua Marpet. Red Lion, COO/Founder Recorded: Mar 29 2018 58 mins
    GDPR is a huge topic, with issues ranging from "What does it mean to my business processes?" to "Do I have to care about it?" And that's besides the technical bits! Together, let's explore what it means for a sample company. We'll discuss data, geography, and business processes. You'll learn about some of the pitfalls, and some of the opportunities inherent in GDPR. And maybe we can make it work for you, instead of causing a headache. Want to find out? Just show up.

    Joshua Marpet is an accomplished speaker, long time information and physical security practitioner, as well as a start up CEO and serial entrepreneur.
    He has presented on topics ranging from Facial Recognition to National Security, to audiences from government agencies, law enforcement, Fortune 5 companies, and many others. His research encompasses Digital Forensics, business security maturity, and how not to start an information security business!

    Joshua has been in the hot seat, at all levels of IT and Infosec. From the Federal Reserve, to law enforcement, to being an entrepreneur, Josh has been there. Let's talk.
  • The Future of Passwords
    The Future of Passwords
    Hamza Sirag Recorded: Mar 22 2018 58 mins
    This webinar will provide an overview of the future of passwords. Passwords have become very important, protecting a treasure trove of information. You will get an inside look at the techniques and tactics used conduct password attacks. We will discuss the various countermeasures available, new improvements made to the latest operating systems to prevent successful password attacks, and how the industry is trying to eliminate passwords. We will conclude by discussing ways we can potentially circumvent new countermeasures.

    Hamza Sirag Hamza is currently an Information Security consultant. He has spent the majority of his time immersed in the world of cybersecurity. He has had the opportunity to lead complex penetration tests for a variety of federal and commercial clients. He is the founder of Beltway Hackers, a Northern VA based meetup group focused on offensive cybersecurity. https://www.meetup.com/Beltway-Hackers

Embed in website or blog