GeoffS
Newcomer I

2023-04-25_meeting_notes

# ISC2 Meeting Notes

Date: 2023/04/25
Start Time: 5:30 PM EST
Location: TrustedSec

## Board Attendees

- [X] President - Christopher Hartley
- [X] Treasurer - Ted Kozenko
- [X] Membership Chair - Troy Sheley
- [X] Secretary - Geoff Sternecker
- [ ] Emeritus - Robert Nettgen

## Sponsors

* Dell - Primary financial sponsor
* TrustedSec - Meeting room & facilities
* Improving - ?

## Topics

* Chatham House Rule
* Officer Introductions for 2023
  * Five (5) new attendees
* ISC2 surveys have been sent out from the mothership.
* ISS upcoming at the IX Center, last week of October (26th). Early Bird is now open.
* NEO Cyber Security Day (ISC2, ISACA, InfraGard) at the Galaxy, May 12th; 300-person limit, $65.
* Budget coverage
  * $9,596.79 as of 4.25.23
  * Catering, ~$600
  * Eventbrite, $15.00
  * Carry-out containers, $20.00
* Summer Family Cookout, June, $10 per person
  * Need volunteers, need raffle items
* I think we should send out a survey. Leaned maybe to yes.

## Security in the wild with Tyler Hudak @secshoggoth

IC3 annual report coverage; large numbers may not be reported.
Investment fraud was the top category in 2022.
$180 million in losses reported by companies in Ohio.
If you have computers or money, you can be a target.
Not "OT" heavy.

### Number 3: Insider threat

Violence / Sabotage / Data breach & Theft / Attack Collusion
Someone who falls for a phishing attack is considered an insider threat.

### Number 2: Ransomware

The Russia-Ukraine conflict decreased the levels of ransomware.

$8 million is not an unusual cost for a ransomware remediation.
It is a top tabletop exercise scenario. The attacks go on for months.
IR will start at 120 hours. Their highest is 300 hours.
IT and Legal expenses, Communications expenses.

### Number 1: BEC, Business Email Compromise

"We changed our account," and then they send out new invoices.

MFA is key, but not foolproof.
Check whether legacy protocols are still enabled on M365.
Check the enabled applications.
They set up email rules to hide the emails. Pull everyone's email rules and look for forwarding or emails moved to the RSS folder.
Don't delete the rules; disable them so forensics can evaluate timelines.

## Speakers

J.R. Cunningham: EVP & Chief Security Officer, Nuspire
"By any measure your industry has failed and continues to fail. I feel bad for you all because you can never get it right."

2017 conversation on a plane with a Top 25 CEO.
Is my industry a failure?
The history of our industry and measures of success.
Bad thing happens, company gets started, money spent. Repeat.
The iPhone changed every regulation in 2007; HIPAA, FISMA, and PCI didn't address mobile.
New things happened every single year from 2018 forward, so the trend didn't change.
Used the SSCMM maturity model for tracking and evaluating.
Vulnerability management is still the issue, combined with asset inventory.
Nobody can do DLP, network segmentation is too difficult, and nobody messes with phones.
Random people from the org buying cloud infrastructure.
Comparison to the history of firefighting.
"Where do we go from here" slide.

## End Time

8:15 PM

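As an added example (not part of these notes or of the speaker's material), the BEC checks listed under Tyler Hudak's talk above, written as an Exchange Online PowerShell script: it reports whether legacy/basic-auth protocols are still allowed, dumps every mailbox's inbox rules (including hidden ones) to CSV before touching anything, flags rules that forward, redirect, delete, or move mail into folders such as RSS Feeds, and, only when asked, disables flagged rules instead of deleting them. It assumes the ExchangeOnlineManagement module and an account with Exchange admin rights; the $ReportDir path, the -Disable switch, and the hide-folder list are illustrative choices, not anything from the talk.

```powershell
# Added example, not from the meeting notes or the speaker.
# Post-BEC review in Exchange Online, following the three checks from the talk:
#   1. are legacy (basic-auth) protocols still enabled,
#   2. pull every mailbox's inbox rules and flag forwarding / hidden-folder moves,
#   3. disable suspicious rules instead of deleting them (keep the timeline).
# Assumptions: ExchangeOnlineManagement module installed, admin account; the
# report folder, the -Disable switch and the folder list below are illustrative.
param(
    [string]$ReportDir = ".\bec-review",
    [switch]$Disable          # only disable flagged rules when explicitly asked
)

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -ShowBanner:$false
New-Item -ItemType Directory -Path $ReportDir -Force | Out-Null

# --- 1. Legacy protocol exposure -------------------------------------------
$default = (Get-OrganizationConfig).DefaultAuthenticationPolicy
if (-not $default) { Write-Warning "No default authentication policy is set on the tenant." }

# Any AllowBasicAuth* property still $true on a policy is a gap worth listing.
Get-AuthenticationPolicy | ForEach-Object {
    $open = $_.PSObject.Properties |
        Where-Object { $_.Name -like 'AllowBasicAuth*' -and $_.Value -eq $true } |
        Select-Object -ExpandProperty Name
    if ($open) { Write-Warning "Policy '$($_.Name)' still allows basic auth for: $($open -join ', ')" }
}

# Per-mailbox: POP/IMAP still switched on for individual users.
Get-CASMailbox -ResultSize Unlimited |
    Where-Object { $_.PopEnabled -or $_.ImapEnabled } |
    Select-Object PrimarySmtpAddress, PopEnabled, ImapEnabled, SmtpClientAuthenticationDisabled |
    Export-Csv (Join-Path $ReportDir 'legacy-protocols.csv') -NoTypeInformation

# --- 2. Collect every inbox rule, including hidden ones ---------------------
$mailboxes = Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox,SharedMailbox

# Mailbox-level forwarding is the other place an attacker plants an exfil path.
$mailboxes |
    Where-Object { $_.ForwardingSmtpAddress -or $_.ForwardingAddress } |
    Select-Object PrimarySmtpAddress, ForwardingSmtpAddress, ForwardingAddress, DeliverToMailboxAndForward |
    Export-Csv (Join-Path $ReportDir 'mailbox-forwarding.csv') -NoTypeInformation

$rules = foreach ($mbx in $mailboxes) {
    Get-InboxRule -Mailbox $mbx.PrimarySmtpAddress -IncludeHidden -ErrorAction SilentlyContinue |
        Select-Object @{n='Mailbox';e={$mbx.PrimarySmtpAddress}}, Name, Enabled, Priority,
                      RuleIdentity, ForwardTo, ForwardAsAttachmentTo, RedirectTo,
                      MoveToFolder, DeleteMessage, MarkAsRead, Description
}
# Full dump first: this is the evidence set forensics will want intact.
$rules | Export-Csv (Join-Path $ReportDir 'all-inbox-rules.csv') -NoTypeInformation

# --- 3. Flag the patterns described in the talk ------------------------------
# RSS Feeds is the classic hiding place; the others are used the same way.
$hideFolders = 'RSS Feeds', 'RSS Subscriptions', 'Archive', 'Conversation History', 'Junk Email', 'Deleted Items'

$flagged = $rules | Where-Object {
    # MoveToFolder looks like "Display Name:\Inbox\Sub"; compare only the leaf folder.
    $leaf = if ($_.MoveToFolder) { ($_.MoveToFolder -split '\\')[-1] } else { $null }
    $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo -or $_.DeleteMessage -or ($leaf -in $hideFolders)
}
$flagged | Export-Csv (Join-Path $ReportDir 'flagged-inbox-rules.csv') -NoTypeInformation
$flagged | Format-Table Mailbox, Name, Enabled, ForwardTo, RedirectTo, MoveToFolder -AutoSize

# --- Disable, never delete -------------------------------------------------
# Disable-InboxRule keeps the rule object (name, actions, priority) so the
# timeline can still be reconstructed; Remove-InboxRule would destroy it.
if ($Disable) {
    foreach ($r in ($flagged | Where-Object Enabled)) {
        Disable-InboxRule -Mailbox $r.Mailbox -Identity $r.RuleIdentity -Confirm:$false
        Write-Host "Disabled rule '$($r.Name)' in $($r.Mailbox)"
    }
}

Disconnect-ExchangeOnline -Confirm:$false
```

Run it once without -Disable to produce the CSVs and review the flagged list with whoever is handling the incident; the all-inbox-rules.csv export is the copy to hand to forensics, and only then rerun with -Disable. The script covers Exchange-side settings only; the "check the enabled applications" item from the talk is an Entra ID (enterprise applications / OAuth consent) review and needs a separate look.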