Calendar

ISSA SouthTexas Calendar events can be found here. For a calendar of other Houston Security Events please go to our google calendar found here.

Feb
10
Mon
CCSP Overview Course @ MD Anderson Mid-Campus Building
Feb 10 @ 8:30 am – Feb 13 @ 4:30 pm

SouthTexasISSA
The Information Systems  Security Association (ISSA) South Texas Chapter Invites you to a: ISSA South Texas CCSP Overview Course 

When: February 10 – 13th, 2020 8:30 am – 4:30 pm

Who: Ross A. Leo – ISC2 and CSA certified CCSP instructor.  Associate Director of Professional Training and Development with the Cyber Security Institute (CSI) at the University of Houston – Clear Lake College of Science and Engineering

Location: MD Anderson Mid-Campus Building, 7007 Bertner Ave., Houston TX 77030

Register at: https://www.eventbrite.com/e/issa-south-texas-4-day-ccsp-training-class-february-10-13-2020-tickets-77575054075?aff=ebdssbdestsearch

Cost: ISSA and CSA Members $649, Non-members $776. The non-member rate includes an ISSA and CSA membership

Includes: Participants will receive materials including a textbook, copies of the CSA, NIST, and ENISA core documents, and supplementary handouts as appropriate plus 32 CPE hours. Plus breakfast, lunch, snacks.  Parking is NOT included.

Training materials:  The basic rate for members and non-members ($649/$775) includes the class, the Sybex CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide and the CCSK eBook.

About the course:  The CCSP is a professional certification in cloud and information security, providing competency in cloud computing infrastructure and security expertise for mid- to advanced-level professionals in IT security, architecture, GRC, audit, and engineering for those with a background in securing, managing, or providing services in cloud environments. Beyond the beginning CCSK from CSA, which the introductory day will review, the course will provide materials and guidance for the participant to prepare for the 4-hour, 125-question technical CCSP examination and credentialing (as well as the CCSK, if desired). A score of 700 on a 1000 scaled score base will be required to pass the exam, which can be scheduled via www.isc2.org at Pearson Vue testing sites, at participant cost. More information may be obtained from https://www.isc2.org/uploadedfiles/(isc)2_public_content/certification_programs/ccsp/ccsp-brochure.pdf and the more detailed candidate booklet, as well as the CSA’s information at https://cloudsecurityalliance.org/media/news/isc2-and-cloud-security-alliance-introduce-new-cloud-security-certification/ .

About the Instructor: In addition to his tenure with UHCL, Mr. Leo has been an ISC2 instructor for over 20 years, holding numerous professional credentials in security and related fields. He is a principal with Nivola Healthcare Solutions, and has partnered with SecureNinja (VP / CTO), Global Knowledge (Expert Instructor status), and Intense School, and held positions a CISO at UTMB – Galveston, a HIPAA consulting firm, and as a Program Manager and Chief Security Architect at NASA / JSC.

Questions: Contact Joanne Ashland, ISSA South Texas Education Director education@southtexas.issa.org, 281-830-2448

Feb
13
Thu
Why going for high score is a good thing @ Hess Club
Feb 13 @ 11:30 am – 1:00 pm

Presentation: Why going for high score is a good thing

Speaker: Frank Leyva, Cybersecurity Engineer

Abstract:

In 2018, the stakes for cyber-attacks were higher than ever. We as a community continued to witness attention-grabbing security incidents dominate headlines news, including the most massive Denial of Service attack ever recorded. But is this a bad thing? Some would be quick to say yes, but I believe hackers going for high score is a good thing only if we can learn from their actions.

Attackers have proven that they are capable of continually developing new techniques as well as improving the efficiency of the old. Over the last few years, my team and I have seen a steady growth in the development and evolution of the Denial of Service threat landscape, including several world record attempts. In this talk, I will discuss how the Denial of Service landscape has evolved over the years by highlighting the differences between the last two record-breaking attacks, Mirai (DYN) an IoT based botnet and Memcached (GitHub) an amplification attack.

We will then discuss the future of Denial of Service attacks and what the landscape will look like as other technologies and protocols continue to evolve. We will talk about why amplification attacks will always be a significant vector and how we can begin to forecast what the potential risks will be. We will do this by reviewing the current threats around susceptible protocols and how attackers currently can launch masked amplified attacks for high score.

Bio: Frank Leyva is a Cybersecurity Engineer with Radware, a market leader in Cyber Security with a Focus on Network and Application level availability, and security. Prior to that he was a subject matter expert in network security defense with a leading anti-malware company, performing advanced threat analysis, deep packet inspection, and creating hacker profiles for after attack reports.  His skillset spans across all infrastructures, from on premise, physical and virtual, to cloud, ISP, hosting, and carrier grade networks. He has spoken at many engagements with security partners, vendors, and C-level executives, continuously striving to stay up to date with current security trends, vulnerabilities and exploits. He is also prior service Marine, and a member of LinkedIn Vets, Infragard North Texas chapter, Dallas Hackers Association, and is an advisory board member for Navarro College.

Contact Information:

 Name: Frank Leyva
 Title: Cybersecurity Engineer
 Company: Radware
 Phone: 214-587-7920
 eMail: frank.leyva@radware.com
https://www.linkedin.com/in/frank-leyva-b05b6644/frank leyva


Sponsor Information:

Contact Name: Kelsey Martel
Phone: 603-785-8695
Company: FORTINET
About our Sponsor: Fortinet (NASDAQ: FTNT) empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – both today and into the future. Only the Fortinet Security Fabric architecture, comprised of proprietary technologies from next-generation firewalls, SD-WAN solutions, NAC, SIEM, etc., can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments.
eMail: kmartel@fortinet.com
Website: https://www.fortinet.com


Luncheon Meeting Schedule:

 

11:15 a.m. Registration / Networking
11:30 a.m. Luncheon / Networking
11:45 a.m. Chapter Business Meeting
12:00 noon Keynote Presentation
1:00 p.m. Adjourn Luncheon

Pre-requisites:

  • An interest in information security.

CPE:

  • 1 CPE