https://community.isc2.org/t5/Cleveland-Chapter-Discussion/September-2022-Meeting-Minutes/m-p/57171#M18 <P>Start: 17:35</P><P>Attendees: 30, # first time</P><P>Sponsor: Dell</P><P>Location: Improving, Independence, OH</P><P>Officers in attendance</P><UL><LI>Rob Netgen</LI><LI>Chris Hartley</LI><LI>Troy Sheley</LI><LI>Ted Kozenko</LI></UL><P>Chapter Updates</P><UL><LI>Elections in October</LI><LI>Charging for attendance in 2023</LI><LI>Fees charged to the chapter covered by sponsorship</LI><LI>Possible meeting 18:00-20:00 in 2023.</LI></UL><P>Job openings</P><UL><LI>Parkplace Technologies - Security 1</LI><LI>Current - SAP Security Lead</LI><LI>Vitamix - Business Systems Analyst, Enterprise Engineer, Systems Architect.</LI></UL><P>Security Friends</P><UL><LI>Public wi-fi worries WaPo</LI><LI>American Airlines breached through phishing attack</LI><LI>London police arrested 17yo of Uber hack</LI><LI>Firing the entire cybersecurity team by Patreon</LI><LI>Russian RSOCKS botmaster arrested</LI><LI>Colonial Pipeline hackers add startling new capabilities to ransomware</LI><LI>Hackers target unpatched Atlassian Confluence servers</LI><LI>Malware bytes blocks google domain</LI><LI>LockBit ransomware builder v3.0 leaked online by developer</LI><LI>Unpatched 15yo Python bug allows code execution</LI><LI>$35M fine for Morgan Stanley</LI><LI>Critical flaw in airplane wi-fi.</LI></UL><P>Information Security Summit Announcement</P><UL><LI>Call for volunteers</LI><LI>Announcement of registration</LI><LI>Security Friends will be there</LI></UL><P>Topic 1: Chris Hartley - Adventures in Cybersecurity (group discussion)</P><UL><LI>Downloading images to company laptops</LI><LI>Running websites on company servers</LI><LI>Assessment vs. Audit = grades vs. proof</LI><LI>Document what you do then prove it</LI><LI>Is the CMDB actually up to date and what is in it</LI><LI>Leaders in all levels have to be involved in security to drive it in the organization</LI><LI>Assign work and delegate authority</LI><LI>Can have policies, but can it be enforced as written; if not, it's not a policy</LI><LI>What does good look like</LI><LI>How is infosec viewed in the org - enabler, deterrent, etc.</LI><LI>Know time to detect and time to defeat</LI><LI>ISAO.org group for info sharing</LI><LI>Resources: CSO mag, Gartner, Forester,</LI><LI>what is my competitor doing.</LI></UL><P>End 19:35</P> Sat, 11 Feb 2023 00:58:09 GMT TedKozenko 2023-02-11T00:58:09Z https://community.isc2.org/t5/Cleveland-Chapter-Discussion/September-2022-Meeting-Minutes/m-p/57171#M18 <P>Start: 17:35</P><P>Attendees: 30, # first time</P><P>Sponsor: Dell</P><P>Location: Improving, Independence, OH</P><P>Officers in attendance</P><UL><LI>Rob Netgen</LI><LI>Chris Hartley</LI><LI>Troy Sheley</LI><LI>Ted Kozenko</LI></UL><P>Chapter Updates</P><UL><LI>Elections in October</LI><LI>Charging for attendance in 2023</LI><LI>Fees charged to the chapter covered by sponsorship</LI><LI>Possible meeting 18:00-20:00 in 2023.</LI></UL><P>Job openings</P><UL><LI>Parkplace Technologies - Security 1</LI><LI>Current - SAP Security Lead</LI><LI>Vitamix - Business Systems Analyst, Enterprise Engineer, Systems Architect.</LI></UL><P>Security Friends</P><UL><LI>Public wi-fi worries WaPo</LI><LI>American Airlines breached through phishing attack</LI><LI>London police arrested 17yo of Uber hack</LI><LI>Firing the entire cybersecurity team by Patreon</LI><LI>Russian RSOCKS botmaster arrested</LI><LI>Colonial Pipeline hackers add startling new capabilities to ransomware</LI><LI>Hackers target unpatched Atlassian Confluence servers</LI><LI>Malware bytes blocks google domain</LI><LI>LockBit ransomware builder v3.0 leaked online by developer</LI><LI>Unpatched 15yo Python bug allows code execution</LI><LI>$35M fine for Morgan Stanley</LI><LI>Critical flaw in airplane wi-fi.</LI></UL><P>Information Security Summit Announcement</P><UL><LI>Call for volunteers</LI><LI>Announcement of registration</LI><LI>Security Friends will be there</LI></UL><P>Topic 1: Chris Hartley - Adventures in Cybersecurity (group discussion)</P><UL><LI>Downloading images to company laptops</LI><LI>Running websites on company servers</LI><LI>Assessment vs. Audit = grades vs. proof</LI><LI>Document what you do then prove it</LI><LI>Is the CMDB actually up to date and what is in it</LI><LI>Leaders in all levels have to be involved in security to drive it in the organization</LI><LI>Assign work and delegate authority</LI><LI>Can have policies, but can it be enforced as written; if not, it's not a policy</LI><LI>What does good look like</LI><LI>How is infosec viewed in the org - enabler, deterrent, etc.</LI><LI>Know time to detect and time to defeat</LI><LI>ISAO.org group for info sharing</LI><LI>Resources: CSO mag, Gartner, Forester,</LI><LI>what is my competitor doing.</LI></UL><P>End 19:35</P> Sat, 11 Feb 2023 00:58:09 GMT https://community.isc2.org/t5/Cleveland-Chapter-Discussion/September-2022-Meeting-Minutes/m-p/57171#M18 TedKozenko 2023-02-11T00:58:09Z