Welcome to ISSA KC

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA -Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

December 2016 Chapter Meeting

Posted by Administrator Thursday, December 1, 2016


Please join ISSA chapter members and other security professionals at Hereford House in Leawood, KS, for our December chapter meeting.


Jeff Lanza was an FBI Agent for more than 20 years during which he investigated corruption, fraud, and cybercrime and organized crime. He served as chief of internal security for the FBI’s Kansas City region. He has provided thousands of presentations on risk management to associations, corporate boards, and employees of major corporations around the world. He appears regularly on CNBC, the Fox News Channel and has informed the public on other national programs including the Today Show, Good Morning America, Dateline and CNN, among others. He holds a Master’s Degree in Business Administration.

Topic:
Protecting Your Business from External Threats
Protecting Your Business from Internal Threats


Outline:
Part One - Protecting Your Business from External Threats

  1. The Threat
    1. The mastering of electromagnetism
    2. Old vs new heists
    3. The world’s greatest hacker
    4. Cyber-criminal organizational chart
    5. Operation Trident Breach
    6. Major security breaches
  1. Cyber Attacks Against Business – Prevention
    1. Prevention the compromising of data in motion
    2. Prevention the compromising of data at rest
    3. Whale phishing
    4. Wi-Fi hotspot security
    5. Holding data hostage
    6. Cloud considerations
  2. Bank Account Takeovers
    1. Takeover example
    2. Most common words used in phishing emails
    3. Creating security layers to bank account takeovers
i.      Separate computer for financial transactions
ii.      Device security
iii.      Mutual authentication
iv.      Security token
v.      Dual authorization
    1. Technology can fail!
  1. Corporate Espionage
    1. The loss
    2. Significant breaches
    3. Old fashion spying
    4. Trust and employees
    5. The need to know principle
    6. Authentication and access control
  2. Privacy Issues
    1. The state of privacy
    2. Who has your information and what they do with it
    3. Protecting your personal information

Part Two - Protecting Your Business from Internal Threats


  1. Embezzlement
    1. Draining Dixon – and embezzlement example
    2. The trusted employee
    3. Other examples
    4. Embezzlement warning signs
    5. Embezzlement prevention strategies
    6. Positive Pay
  2. Check fraud
    1. Check fraud vs other payment frauds
    2. Check fraud example
    3. Check fraud deterrence
    4. Mobile check deposit security
    5. Online bill pay
  3. What make good people go bad
    1. The state of integrity
    2. Triangle of fraud
    3. FBI cases and current examples
    4. How does it start?
    5. Why is wasn’t it enough?
    6. Corporate culture and integrity
    7. Vision and mission
    8. Fraud reporting mechanisms and examples
    9. Ethics flow chart
  4. Hiring good people
    1. Qualities to look for in new hires
    2. Background investigations
    3. Interview techniques
    4. Detecting deceit in interviews and investigations
    5. Prevention not aftermath.
Summary
Question and Answer

Date/Location: Thursday, December 15th, 2016,  11:30 - 3:00 pm

Hereford House:
Town Center Plaza, 5001 Town Center Dr, Leawood, KS 66211

Menu:
Kansas City Class BBQ Buffet
Grilled Boneless Chicken Breast, Sliced Brisket and Pork Ribs, Coleslaw, Cheddar, Ranch Potatoes, Sauteed Green Beans, Chef's Dessert Selection, Coffee, Tea

Agenda:
11:30 AM  -  12:00 PM - Registration
12:00 PM  -  1:00 PM - Lunch
1:00 PM  -  3:00 PM – Presentation

Price:
$20.00 for ISSA Members,
$30.00 for Guests/Non-Members


November 2016 Chapter Newsletter

Posted by Administrator Thursday, November 17, 2016

The November edition of the ISSA newsletter is now available.

Ethical Hacking

Posted by NB


Introduction to Ethical Hacking - 5CPE - Training/Class

Ethical hacking is the concept of simulating a malicious actor with the intention of strengthening the security posture of an application or system rather than true malevolent intent. This introductory course in ethical hacking will explore the general steps taken by hackers to better understand a attack sequence. Participants will be familiarized to with several concepts outlined in both the Certified Ethical Hacker study guide as well as the Lockheed Martin (LM) Intrusion Kill Chain. Merging these two methodologies together will provide a more complete understanding of how hackers compromise systems and the potential cybersecurity controls which need to be evaded during an attack sequence.



5 CPEs
Book:  CEH v9: Certified Ethical Hacker Version 9 Kit - Amazon link (Recommended for this session)
Target Date: Saturday Dec 10th
Location:
TEKsystems
7421 W 129th St #300
Overland Park, KS 66213
Cost:
Members = $50
Non-members = $70
Agenda:
Time
Activity
10:00 - 10:30 AM
Introduction
Evasion
LM Kill Chain: Reconnaissance
CEH: Footprinting, Scanning Networks, Checking for live systems, OS Fingerprinting
10:30 - 11:00 AM
Hands-on lab
11:00 - 11:30 AM
LM Kill Chain: Weaponization
CEH: Malware, Social Engineering
11:30 - Noon
Hands-on lab
Noon - 12:30
Lunch
LM Kill Chain: Delivery, Exploitation, Installation
12:30 - 1:00 PM
Hands-on lab
1:00 - 1:30 PM
CEH: Hacking Web Applications and Servers, SQL Injection
1:30 - 2:00 PM
Hands-on lab
2:00 - 2:15 PM
LM Kill Chain: Command and Control (C2), Actions on Objectives
2:15 - 2:45 PM
Hands-on lab
2:45 - 3:00 PM
Conclusion, Final Comments


Register Now!

Upcoming Events

Join the ISSA Kansas City Chapter


Join our mailing list to stay current on ISSA Kansas City!


For more information on how to join the Kansas City Chapter of ISSA click here.

Social Media

Chapter meetings are a great way to get to know your peers here in KC. And, if you're currently looking to make a career change, it's an invaluable way to build relationships that can provide you with the "inside information" on open security positions. Check out our new LinkedIn© group that you can join to discuss topics, ask questions, or just meet other members. Look for the group "ISSA Kansas City Chapter" or click here.

FB
https://www.facebook.com/kcissa/






Sponsors