The June meeting of the New Mexico ISSA Chapter is scheduled for June 19, 2018, from 5:30pm to 7:00pm.

THERE IS NO FACE-TO-FACE MEETING THIS MONTH! The presentation will be hosted entirely online.

Online meeting link: https://join.freeconferencecall.com/nmissa

If you can only join via phone, or if your computer audio connection is unreliable:
Dial-in Number: (563) 999-2285
Access Code: 463808

Presentation: NERC-CIP: Lessons Learned from Protecting the Electric Grid

Despite how they are painted in the media, power utilities are ahead of the curve in their approach to cyber security. For some time now they have been on the front-line of the nation’s ongoing cyber defenses and they are painfully aware of that, helped along by a little-known standard referred to as NERC-CIP. We can learn a lot from the unique ways that power utilities have found to approach security and the CIP standard.  This presentation will look at some of their techniques – from the way they have blended security with decades of reliability experience to their strong defense-in-depth approach – and examine how they can be applied in other venues, helping us all learn what we can from their experience.

Your presenter is Lewis Campbell, a Senior Security and IT professional with significant experience in compliance, client-server database development, and industrial control systems (e.g., SCADA, DCS, EMS).  Lewis is a former employee of Microsoft Corporation – part of the team responsible for the development of the networking components (NDIS) of Windows.  Currently, Lewis is the President of Cintigy Systems Inc., serves on the board of Diné Development Corporation (a multi-million dollar technology service provider with offices worldwide) and is an accomplished college instructor, writer, and public speaker with an Advanced Communicator Bronze rating from Toastmasters International.

You can register for the meeting here: https://www.meetup.com/New-Mexico-ISSA/events/

The May meeting of the New Mexico ISSA Chapter is scheduled for May 15, 2018, from 5:30pm to 7:00pm.

THERE IS NO FACE-TO-FACE MEETING THIS MONTH! The presentation will be hosted entirely online.

Online meeting link: https://join.freeconferencecall.com/nmissavp

If you can only join via phone, or if your computer audio connection is unreliable:
Dial-in Number: (563) 999-2285
Access Code: 463808

Presentation: The New Mexico Breach Notification Act and the Multi-State Problem

Effective July 2017, New Mexico became the 48th state to enact a breach notification law. Despite this, many organizations are not only unaware of their obligations under New Mexico law, but – along with 47 other states and multiple territories – breach notification requirements have become a dizzying patchwork of laws and regulations, and your business is probably required to comply with all of them (even if you didn’t know it). Even worse, strict EU privacy laws just went into effect this year, and they are applicable to any organization worldwide that handle EU citizens’ information. In this session, we try to provide some sense to the chaos, an understanding of what privacy handling and breach notification legal requirements typically expect, and provide some sound advice on how to handle the situation when resources are limited.

Your presenter is Daniel Ziesmer, the President of Centripetum LLC, a firm specializing in supporting the governance, risk management, and compliance efforts of small enterprises, developing cybersecurity architectures and remediation programs, and providing virtual CISO services. Daniel is also the Vice President of the New Mexico Chapter of ISSA. A former professor, security architect, compliance director, and information security officer, Daniel has extensive experience in establishing security programs for governments and various private industries, including industrial control system environments. He holds a broad array of professional industry certifications, is a member of and contributor to numerous IT, cybersecurity, ICS, engineering, and scientific industry organizations, and has served as a technical editor or contributing author for more than a dozen IT industry books and textbooks.

You can register for the meeting here: https://www.meetup.com/New-Mexico-ISSA/events/

The April meeting of the New Mexico ISSA Chapter is scheduled for April 17, 2018, from 5:30pm to 7:00pm.

If you are in or willing to travel to Albuquerque, we encourage you to attend the meeting in-person at the EC-Council North America headquarters (101C Sun Ave. NE).  Attending in-person is the best way to meet new people, network in the industry, and put faces to names you may already know.

For those who cannot attend in person, the meeting will also be streaming live online as well.
(Details on how to connect to the meeting are available on the Meetup event page – see below).

John Servatt is an Information Security Professional with 20 years’ experience in the industry.  John will be speaking about the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), including the six step process of System Categorization, Selecting Controls, Implementing Controls, Assessment (of the security posture and collecting evidence), Risk Determination and Acceptance, and Monitoring.  This will be an opportunity for participants to discuss various challenges in developing documentation and applying security controls leading toward formal risk acceptance by an Authorizing Official.

You can register for the meeting here: https://www.meetup.com/New-Mexico-ISSA/events/

The March meeting of the New Mexico ISSA Chapter is scheduled for March 20, 2018, from 5:30pm to 7:00pm.

If you are in or willing to travel to Albuquerque, we encourage you to attend the meeting in-person at the EC-Council North America headquarters… attending in-person is the best way to meet new people, network in the industry, and put faces to names you may already know.

For those who cannot attend in person, the meeting will also be streaming live online as well.  (Details on how to connect to the meeting is available on the meeting page through the link below).

Our Speaker is Joe Gray, a Senior Security Architect with IBM.

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician.  Joe maintains his own blog and podcast called Advanced Persistent Security.  In his spare time, Joe enjoys attending information security conferences, contributing blogs to various outlets, training in Brazilian Jiu Jitsu (spoken taps out A LOT!), and flying his drone.  Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge.  Joe has contributed material for the likes of AlienVault, ITSP Magazine, CSO Online, and Dark Reading.

The Presentation: Advanced Social Engineering OSINT: Strategies to Pwn Companies, Big or Small

You can register for the meeting here: https://www.meetup.com/New-Mexico-ISSA/events/

A quick reminder that the February meeting of the New Mexico ISSA Chapter is scheduled for February 20, 2018, from 5:30pm to 7:00pm.

If you are in or willing to travel to Albuquerque, we encourage you to attend the meeting in-person at the EC-Council North America headquarters… attending in-person is the best way to meet new people, network in the industry, and put faces to names you may already know.

Of course, for those who cannot attend in person, the meeting will also be streaming live online as well.  (Details on how to connect to the meeting will be sent by e-mail to registered attendees prior to the meeting).

We’re still working on getting a confirmation from our speaker, so, unfortunately, we can’t announce the speaker just yet, but this post will be updated as soon as we know!

You can register for the meeting here: https://www.meetup.com/New-Mexico-ISSA/events/gpfbgpyxdbbc/

UPDATE:

The speaker will be Peter Ambs, the CIO for the City of Albuquerque.  Mr. Ambs will be presenting, “Anatomy of a Cyber Attack – Cause and Effect, Lessons Learned”.  You won’t want to miss this!