Welcome to ISSA KC

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA -Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

February 2018 Chapter Meeting

Posted by Administrator Friday, February 2, 2018


On February 22, 2018 the ISSA-KC Chapter members, and other security professionals will hold a meeting at Lidia’s Italy Restaurant in Kansas City, MO, to network and attend the monthly chapter meeting, with presentation topic.

Topic:                 
Beyond Password Management:  Seven Steps to an Effective Privilege Program

Abstract:         
Management of passwords, keys, and secrets is being addressed within every organization in one way or another (or many), but does your privilege account management program really keep attackers from fulfilling their mission ... or does it just make administration less cumbersome?  We will explore the common elements in nearly every high-profile breach and how compromised credentials were necessary to the overall "success" of the attack.  More importantly, we will discuss the steps every organization can take to reach an acceptable level of "cyber-hygiene" within their privilege program.

Speaker:           
Troy Brueckner is a Certified Information Systems Security Professional (CISSP #409914) with an extensive record of assisting organizations improve network and data confidentiality, integrity, and availability.  Mr. Brueckner joined CyberArk Software, Inc.in 2013 to assist in their mission to "Provide a new layer of security to protect the heart of the enterprise from advanced cyber threats."  Prior to CyberArk, he served as Vice President for Infogressive, Inc. and as Security Architect for Alexander Open Systems, Inc. Mr. Brueckner graduated summa cum laude from Bellevue University with a B.S. in Business ... plus minors in Computer Information Systems, Organizational Communications, and Communication Arts.  He is a graduate of the FBI Citizens Academy and he serves on the Board of Directors for InfraGard Nebraska, a partnership between the FBI and the private sector dedicated to sharing information and intelligence to prevent hostile acts against the United States.  Mr. Brueckner is a current member of the FBI Omaha CAAA Board of Trustees and Past President of the (ISC)2 Omaha-Lincoln Chapter.

Location: Lidia’s Italy Restaurant, 101 W. 22nd street, Kansas City, MO. 64108

Agenda:
11:30 AM - 12:00 PM Greeting and registration
12:00 PM - 1:00 PM - Meeting & Presentation
1:00 PM - 1:30 PM - Questions, Answers & Networking

Menu:
Pasta Tasting Trio - A sampling of three daily-made fresh and filled pastas.
Biscotti Platters - An assortment of house-made cookies & sweets to pass and share family style.

Soft drinks, Iced Tea, Coffee

*Vegetarian option available, please note at registration at Brio
* *Menu subject to change. **

Price:
$25.00 for ISSA Members,
$35.00 for Guests/Non-Members
Maximum Reservation: 35
Credit(s): 1 CPE credit

We look forward to seeing you at the event. If you have any questions about the event or how to register, please email our RSVP email, or contact the venue for directions.

Register Now!




Jan 2018 Chapter Meeting

Posted by NB Thursday, January 11, 2018

Event Date/Time:  Jan 25th  - Thursday  

Topic: Cyber Security trends for 2018

Topic Summary:Our world is networked together, where companies and home users rely on networked systems and the data stored in them.  2018 will be a tipping point year as we  all become more connected and influenced by new digital transformations.  We will be presented new cybersecurity threats and landscape. Cybersecurity is one the most critical issues that will needed to be addressed, not ijust in the workplace but in our home lives as well.

Speaker:  Mike Tyk
Bio: Mike Tyk leads the Security Advisory Services; for Novacoast. Security Advisory services  assists client's with predicting, preparing , detecting, and responding to modern threats by increasingly sophisticated attack actors. He is a trusted advisor to Security and Technology executives, as well as a member of senior management to Novacoast's customers, where he provides incident readiness strategy, direction, governance, compliance, industry trends and threat landscape evolution. Assisting clients who require an experienced leader to step in and take charge of building a security program from the ground up and helping evolve existing security programs into their next stage of maturity.

Location: Hereford House, Town Center Plaza, 5001 Town Center Drive, Leawood, KS. 66211

Agenda:
11:30 AM - 12:00 PM Greeting and Registration
12:00 PM - 1:00 PM - Meeting & Presentation
1:00 PM - 1:30 PM - Questions, Answers & Networking

Menu:
Lunch : Choice of one: Beef, Chicken, or Salmon,Salad, Potato, Vegetable, Drink
*Vegetarian option available, please note at registration at Hereford House*
*Menu subject to change*

Price:
$25.00 for ISSA Members,
$35.00 for Guests/Non-Members

December 2017 Chapter Newsletter

Posted by Administrator Monday, December 11, 2017

The December edition of the ISSA newsletter is now available.

Board Opportunity - Director of Certification/Education

Shall manage and oversee all educational activities of the Chapter and will be responsible for the coordination of Chapter-sponsored educational offerings including but not limited to: certification study groups, member workshops and will serve as a coordinator for the Chapter's support of student chapters.
The Director of Education will also organize a minimum of one information technology & security training course annually, keep the ISSA Board informed on training objectives, strategy, and progress”. All educational offerings will be approved by the Board of Directors. The Director of Education will also submit CPE credits to certification boards as appropriate.
Ongoing responsibilities include:

  • Facilitates educational activity planning, logistics and delivery
  • Proposes budget pertaining to educational activities for monthly meeting and conference
  • Organizes resources, speakers/instructors and volunteers for education events
  • Ensures activity information is published via the Communications team
  • Responsible for providing ISSA members and non-members CPE receipts




About 11 hours a month.
If you are interested or have questions please email President@kc.issa.org



ISSA KC Code of Ethics
The primary goal of the Information Systems Security Association, Inc. (ISSA) is to promote practices that will ensure the confidentiality, integrity, and availability of organizational information resources. To achieve this goal, members of the Association must reflect the highest standards of ethical conduct. Therefore, ISSA has established the following Code of Ethics and requires its observance as a prerequisite for continued membership and affiliation with the Association.
As an ISSA member, guest and/or applicant for membership, I have in the past and will in the future:
  • Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles;
  • Promote generally accepted information security current best practices and standards;
  • Maintain appropriate confidentiality of proprietary or otherwise sensitive information encountered in the course of professional activities;
  • Discharge professional responsibilities with diligence and honesty;
  • Refrain from any activities which might constitute a conflict of interest or otherwise damage the reputation of or is detrimental to employers, the information security profession, or the Association; and
  • Not intentionally injure or impugn the professional reputation or practice of colleagues, clients, or employers.

December 2017 Chapter Meeting

Posted by Administrator Wednesday, November 29, 2017

On December 15, 2017 the ISSA-KC Chapter members, and other security professionals will hold a meeting at Ritz Charles in Overland Park, KS, to network and attend the monthly chapter meeting, with presentation topic.

Topic: FBI Briefing on Cyber Security

Topic Summary:  Briefing with our local FBI Liaison on Cyber Security Threats. The FBI’s Cyber Initiative and Resource Fusion Unit (CIRFU) maximizes and develops intelligence and analytical resources received from law enforcement, academia, international, and critical corporate private sector subject matter experts to identify and combat significant actors involved in current and emerging cyber-related criminal and national security threats. The presentation will provide in-depth information on collaboration and coordination criticality in combating cyber threats effectively.

Locations:
Event Location:
Ritz Charles Overland Park
9000 W 137th St, Overland Park, KS 66221

Event Date/Time:
Dec 15th  - Friday 


No audio or video recordings!

Agenda:
11:30 AM  -  12:00 PM - Registration - MEMBER ONLY

12:00 PM  -  1:00 PM - Lunch - MEMBER ONLY EVENT
1:00 PM  -  3:00 PM – Presentation - PUBLIC MEETING

Price:
$30.00 for  Members
$35 for Guests/Non-Members

2 CPEs

Lunch Menu:
Fresh Salad
Beef or Chicken with Vegetables
Desert

Register Now!

November 2017 Chapter Newsletter

Posted by Administrator Thursday, November 16, 2017

The November edition of the ISSA newsletter is now available.

Why Apple Pay and Other Mobile Wallets Beat Chip Cards

Posted by VP ISSA Wednesday, November 15, 2017


Every weekend, when Pierre Houle works the brunch shift at Olea, a neighborhood restaurant in San Francisco, many customers want to split the tab on multiple credit cards, a process that takes much longer than it used to.
For waiters like Mr. Houle, diners going Dutch is nothing new. But now he has to take each of the credit cards, insert them into a chip reader and wait about 10 seconds for every transaction to process. In the past, he could swipe a card, wait a few seconds, print out the receipt and get going. “It isn’t much, but in the restaurant world it can be enormous,” he said. “I have to wait there, and I can’t go check on something else. You need to move all the time when you do a job like that.”
Many merchants and retail workers are watching their lives play in slow motion when they process credit cards. To combat fraudulent transactions, the retail industry is shifting away from the traditional magnetic stripe toward tiny computer chips embedded inside cards. The chip technology, known as E.M.V. (for Europay, MasterCard and Visa) has been around for decades in Europe. But starting last October in the United States, banks pushed the liability of purchases made with counterfeit credit cards onto merchants.
That means if a criminal swipes a counterfeit credit card to buy something, the merchant now has to pay for it. The sweeping change has compelled many retailers to upgrade their equipment to read chips, which have stronger security than the easy-to-forge magnetic stripe. By the end of this year, about 80 percent of all credit cards in the United States should include chips, according to a new report by the fraud prevention company Iovation and the research firm Aite Group. The chip initially may annoy consumers. For most chip transactions, you have to dip the credit card into a slot and wait for the transaction to be approved before you can remove it and scribble your signature.
Mobile payments could be a quicker alternative. Some of the biggest tech companies — Apple, Google and Samsung Electronics — released mobile wallet technologies in the last two years, though they are still a niche product. In the United States, only 0.2 percent of all in-store sales were made with phones last year, according to a survey by eMarketer, the research firm.
“Contrary to what Tim Cook said when Apple rolled out Apple Pay, consumers have been swiping their cards for a long time and it’s not that hard,” said Julie Conroy, a research director for the Aite Group.
I tested chip cards and each of the mobile payments services in three different stores: Walgreens, BevMo and Nancy Boy, a small beauty supply store in San Francisco. I inserted a chip card or tapped a phone and timed how long it took each transaction to be approved and start printing a receipt. The results varied slightly, but the mobile wallets were generally much faster than the chip.
At Walgreens, after I inserted a chip card, the transaction took eight seconds before a receipt started printing; Apple Pay and Samsung Pay took three seconds; and Android Pay (Google’s service) took seven seconds. At BevMo, the chip payment took 10 seconds; Samsung Pay took four seconds and Android Pay and Apple Pay each took five seconds. At Nancy Boy, the chip took eight seconds, and all the mobile payment services tied at 2.4 seconds.
What is happening with the chip to make it so slow? When you dip in the card, the chip generates a one-time code, which is sent to the bank over a network. The bank confirms the code and sends verification back to the terminal. With mobile wallets, the same thing is basically happening in the background. They generate one-time tokens that are sent out and approved by the banks. Stephanie Ericksen, a Visa executive who works on security solutions for new payment technologies, says the sluggishness of the chip is largely a perception issue. The actual transaction time behind a mobile payment and a chip card is the same.
But with the chip, most merchant terminals require you to leave the card inside the reader until the transaction is complete and wait for a screen to tell you that you can remove the card. With the mobile payments, you can just tap the phone, and there is no extra screen telling you to remove the phone, which partly explains why the transaction appears to move along more quickly. Visa is addressing the perception of sluggish transactions with Quick Chip. It is basically a coming software upgrade that will allow the terminals to instruct the customer to dip the card and remove it right away.
Mobile wallets feel faster, more convenient and less awkward to use than the chip, so you should use them whenever possible. The caveat, of course, is that not every merchant that takes credit cards also accepts mobile payments. To see if the wallet is supported at a store, you will have to look out for Apple Pay or Android Pay logos on cash registers, or a logo of a hand holding a card in front of a wireless signal, which means contactless payments are supported.
That brings us to the differences among the mobile wallets. They all work about the same — take your phone out, enter your passcode or fingerprint and tap the terminal — and they have their pros and cons.
Samsung Pay is accepted by the most merchants because it uses magnetic secure transmission, a technology that emits a magnetic signal to mimic the magnetic stripe, meaning it can be used on most credit-card readers. Samsung Pay also supports payments made wirelessly with near-field communications, for NFC, a technology that enables devices to exchange information wirelessly over short distances.
Apple Pay and Android Pay can make payments over terminals that have NFC or inside apps that support them, like Uber or DoorDash. Apple Pay is supported by more banks than the Samsung and Android wallets. (I was surprised, for instance, that I could not add a Chase card to Android Pay). Android Pay’s advantage is it is available on the broadest array of devices. It can run on most Android phones that support NFC, whereas Samsung Pay can only be installed on Samsung phones and Apple Pay can only run on iPhones and the Apple Watch.
In a statement, Samsung said Samsung Pay was the most accepted mobile payment service and it “dramatically decreases opportunities for fraud.” Google’s senior director for Android Pay, Pali Bhat, said, “We want Android Pay to be available everywhere, and everywhere means as many devices as we can support.”
Jennifer Bailey, vice president of Apple Pay, said, “Users tell us they love the convenience and speed of paying with their iPhone or Apple Watch.”
In rare cases, there can be a long wait before you take your chip card back. Mr. Houle, the restaurant waiter, also works part time at the beauty supply store Nancy Boy. He recounted an incident in the store when he dipped a chip card for a customer who left before he could hand it back. He tracked her down on Facebook and mailed it to her in New York three days later. “It was my fault as much as hers,” he said.

Upcoming Events


Feb 22nd, 2018 - Chapter Meeting **** Register ***

Past events:
Jan 25th 2018 - Chapter Meeting
Dec 15th - FBI Briefing
Nov 9th Happy Hour
Oct 2017 Chapter Meeting

Join the ISSA Kansas City Chapter



Join our mailing list to stay current on ISSA Kansas City!




For more information on how to join the Kansas City Chapter of ISSA click here.
Join today!




ISSA Member Login Page ISSA
Login





ISSA’s Special Interest Groups (SIG) and Webinars:
SIG On-Demand Conf

SIG groups are:

Security Awareness

Women in Security

Healthcare

Financial

ISSA KC Mentorship Program * Applications

Mentor form/Application


Mentee form/Application


Social Media

Chapter meetings are a great way to get to know your peers here in KC. And, if you're currently looking to make a career change, it's an invaluable way to build relationships that can provide you with the "inside information" on open security positions. Check out our new LinkedIn© group that you can join to discuss topics, ask questions, or just meet other members. Look for the group "ISSA Kansas City Chapter" or click here.


Join our FaceBook page

https://www.facebook.com/kcissa/






Sponsors