The 29th Annual 2014 ISSA SoCal Security Symposium

The SoCal Security Symposium features over 30 vendor exhibits and several industry experts discussing current security issues such as eDiscovery, cloud security, threat vectors, mobile security, and much more. There will be giveaways and prizes! This conference will provide tremendous networking opportunities. You'll come away with advice and knowledge you can start applying to your environment immediately. Your registration will include your breakfast, lunch, ice cream social, CPE credits (8) and entrance into the conference sessions and exhibit area.

This year we have terrific speakers:

  • Jim Stickley; Founder, Stickley on Security (SoS)
  • Masha Sedova; Salesforce.com, Director of Trust Engagement
  • Jensen Penalosa; FBI, Supervisory Special Agent
  • Charles Henderson; Director of Spiderlabs


Panel Topic: “How to Stay out of the Target”

Abstract:

As breaches become more common and security is elevated from the basement to the boardroom, executives are learning that achieving regulatory compliance and operating a security program based on checklists are not enough to avoid becoming the next target of a political, economic, or “just because we can” cyber criminal.

To help us navigate through this topic, panel members were selected based on various viewpoints to reflect the real-world complexity of threats, prevention and remediation.  This lively discussion will hopefully generate and uncover a desire for security professionals on all levels to take the next steps to continue the dialogue and collaboration necessary for building a mature and effective security program.

Panel members:

        Craig Rosen; FireEye; CISO

Bio: http://www.security-innovation.org/bios/Craig_Rosen-bio.htm?keepThis=true&TB_iframe=true&height=600&width=500

        Jason James; Evantix, VP of Risk Advisory Services

Bio: http://evantix.com/leadership/jason-james/

        J. Craig Williams, Partner, WLC | The Williams Law Corporation.

Bio: http://wlc-legal.com/overview/bio_craigwms.html

        Chester Wisniewski, Sophos, Sr. Security Advisor

Bio: https://nakedsecurity.sophos.com/author/chesterwisniewski/

Event Schedule:


Abstract and Bios:

-------------------------------------

Jim Stickley
 
Bio:

A Co-Founder and board member of TraceSecurity, Jim Stickley has been involved in thousands of security services for financial institutions, Fortune 100 corporations, healthcare facilities, legal firms, and insurance companies. Through the years, Stickley has discovered numerous security vulnerabilities in products such as firewalls, PKI servers, online banking applications and PDA devices. He has been a consultant for the network stations FOXNEWS, CBS and NBC as well as the Associated Press. Stickley has been featured in numerous magazines and newspapers including Time Magazine, Business Week, Fortune Magazine, New York Times, PC Magazine, CSO Magazine and hundreds of other publications. He has also been showcased on numerous television shows including NBC's "Nightly News", CNN's "NewsNight", CNBC's "The Big Idea", Anderson Cooper's "Anderson" and is a frequent guest on NBC's "Today Show". Additionally, Stickley is the author of "The Truth about Identity Theft" and a co-author of "Beautiful Security". Stickley can be seen throughout the United States where he serves as an entertaining speaker for corporations, security-related conferences, seminars and forums, covering topics that range from basic identity theft to national cyber terrorism.

Abstract:

Over the past several years organizations have been forced to meet more and more regulations and guidelines in an effort to maintain security compliance.  So why is it that in the past year we have seen a tremendous increase in major security breaches against huge corporations that are "in compliance"?  In this session Stickley will discuss the changes that have taken place in cyber attacks, how organizations need to respond and what the future cyber attacks and targets will look like.

----------------------------------------

Charles Henderson, “The Mobile World Order”

Bio:

Charles Henderson is the Vice President of Managed Security Testing at Trustwave. He has been in the information security industry for over fifteen years. He and his teams have specialized in network penetration testing, application penetration testing, physical security testing, and incident response over that time. His clients range from the largest on the Fortune lists to small and midsized companies interested in improving their security posture. Charles routinely speaks at various conferences around the world (including Black Hat, DEF CON, RSA, SOURCE, OWASP AppSec USA and Europe, FROC, and Merchant Risk Council) on various subject matters relating to security testing and incident response.

Abstract:

Mobile devices and applications are redefining business, revolutionizing productivity and driving competitive advantage. But as the volume of mobile applications increases, so too does the volume of mobile exploits.  In the rush to enter the mobile software market, are we taking shortcuts that force us to repeat sins of the past like caching sensitive data, incomplete encryption and simple mistakes in coding?  Do not let old-school vulnerabilities allow hackers to resurrect previously obsolete malware and exploits.  With the experience of more than 1,400 incident response investigations, thousands of penetration tests and hundreds of application security tests, Charles Henderson will show how to make sure you are not leaving sound security practices and due diligence behind as you approach the new mobile world order.

--------------------------------------------

Jensen Penalosa, “The Cyber Threat: Motivation, Evolution and Adapting Our Response”

Bio:

Supervisory Special Agent Jensen Penalosa has been a Special Agent with the FBI since 2005.  SSA Penalosa is a Certified Information Systems Security Professional (CISSP) with a Bachelor of Science degree in computer science from California State University, Fullerton.  Prior to entering on duty with the FBI, SSA Penalosa was employed by FileNet Corporation as a software engineer.  From 2012 to 2014, SSA Penalosa supervised the FBI Cyber Crime Squad embedded in the Los Angeles Electronic Crimes Task Force.  SSA Penalosa is currently assigned to the Orange County Resident Agency, where he supervises a Cyber Squad that is responsible for conducting counterterrorism, counterintelligence and criminal cyber investigations.

Abstract:

The Cyber threat has evolved over the years and it is important to understand our adversaries and their motivation.  From organized cyber gangs looking to make a profit to nation-states who are trying to gather our secrets, Cyber threat actors are getting better at what they do and we need to evolve with them.  This presentation covers various actor types and how the FBI is adapting to the threat.  Collaboration is key and will make the difference as we move forward to combat various Cyber threat actors.

----------------------------------------------

Masha Sedova, “Carrots not sticks: Building Security Awareness through Gamification”

Bio:

Masha Sedova is the Director of Trust Engagement at Salesforce.com where she is responsible for securing the human element of Salesforce.com. By leveraging behavioral science, gamification, positive incentives along with human pen testing, security education and training she is transforming security awareness from "have to" to "want to."  Prior to this she was the principal founder of Dymera Strategies consulting where she conducted social engineering and security awareness training to international companies and government agencies based on tools, techniques, and methods of prominent cyber warfare actors. Prior to consulting, Masha worked at Northrop Grumman and BAE Systems.

Abstract:

Learn how to leverage gamification, rewards, and key behavior science methods to drive positive and transformational security engagement in any organization and get security awareness from “have to” to “want to.” We will discuss the roots of gamification in psychology and how the lessons learned from video game designers can help us make security, as well as everything else we do, much more engaging.  Finally, we will explore common pitfalls, ways of testing program effectiveness, customization for job functions, and steps you can take to build your own program. 

Vendor opportunities:

If you are interested in being a vendor sponsor, please send an email to sponsor@issa-oc.org for additional information.

Date/Time:

Presentation date - October 30th, 2014
Registration opens at 7:30 a.m., closing at 5:30 p.m.

Costs:

ISSA/ISACA Members - $95 by October 28th
Non-members - $115 by October 28th
Students - $75
At the door - $150

Location:

Hilton Long Beach & Executive Meeting Center
701 West Ocean Boulevard
Long Beach, California, 90831-3102 
TEL: 1-562-983-3400 FAX: 1-562-983-1200 