Past Meetings

Identity and Access Management: Good for Cybersecurity, Not So Much for Information Security

Tuesday, July 20, 2021 - 6:00pm
Dimitri Nemirovsky headshot

While cybersecurity is broad in both its context and application, information security is singularly focused on the protection of data. In practice however, most organizations repeatedly use the same tools, controls, strategies, mindset, etc., to defend against cyber-attacks as they do to protect their data. The unfortunate reality is that most tools are designed fundamentally to address cybersecurity, and while these tools may to some degree help with information security, it’s really not their raison d’être.

In this session, we will argue the importance of segregating IAM controls from information security mechanisms and why doing so can enhance your security posture.

Dimitri holds BBA and MBA degrees from Baruch College and earned his JD from Brooklyn Law School. Prior to co-founding Atakama, Dimitri spent 15 years as an attorney, most recently practicing regulatory and enforcement law at Bingham McCutchen where he represented large financial institutions in high-stakes matters. Dimitri began his career at Merrill Lynch.

 

Web3 and Blockchain Threats

Tuesday, June 15, 2021 - 6:00pm

As the world moves from Web2 to Web3, threats are evolving. Moving forward, we need a framework for not only protecting against cryptocurrency and blockchain attacks, but also a method to share that information. In this talk, Rick will discuss some of the threats he has seen at some of the top cryptocurrency exchanges as well as discuss a framework for threat intel in the future. 

 

Rick Deacon headshot

Rick Deacon is co-founder of Apozy(browser visibility and protection), a stealth Web3 cybersecurity company(blockchain and cryptocurrency), and RADwood(80's and 90's automotive festival). Rick has been a cybersecurity professional for over 12 years, beginning his career as a penetration tester. Rick has spoken at DEFCON, B-Sides, ISSA, and numerous other conferences in the past, with a focus on offensive and defensive security.

 

Trending Malware families, and techniques used to evade

Tuesday, May 18, 2021 - 6:00pm

In the past few years, there has been a tremendous increase in Malware attacks, with both private and governmental organizations losing thousands of dollars in ransomware attacks. In this session, we will take a deeper look into the Malware families that have been on the rise, and the techniques used by the malware writers (attackers) to evade detection.

The Collision of Crypto Assets and Security on You and Me

Tuesday, April 20, 2021 - 6:00pm

Nobel Tan

A veteran in the cybersecurity space, Nobel Tan is Chief Technology Officer for Uppsala Security and Sentinel Protocol, where he spearheads product development and intelligence research. Prior to this, Nobel also served as the company’s Head of Security Operations and Head of Engineering. Nobel is based in Singapore near the corporate HQ of Uppsala Security. An engineer by training with over a decade of expertise in Information Security and IT risk strategy in the cybersecurity sector, Nobel previously led a team of technical engineers at FireEye Inc. In that capacity, he oversaw the FireEye Cloud Product and related services such as Web and Email Threat Prevention. Beyond the office, Nobel has also been recognized for his contributions to the industry; he received a 2014 Award of Excellence by EVP Customer Services for creating transformative impact in customer services organizations.

 

A standardized risk based approach to privacy using ISO27701

Tuesday, February 16, 2021 - 6:00pm

Matthew Corwin

Matthew Corwin

A privacy program in this rapidly evolving regulatory environment must take into account many perspectives, including: an understanding of the current requirements applicable to each business process which involves personal information, the business justifications for the use of that personal information; the way in regulatory requirements translate into technical and process changes, how those changes are best addressed from the application level to the organizational level; future-proofing against changing applications, business needs, and additional regulatory requirements, increased customer and partner expectations, and peer competitor strategies. This program must also be risk based and designed to achieve a viable defensible position in the shortest amount of time, without boiling the ocean, and should include a road map for continuous improvement and recurring risk and privacy assessments.

Cyber Attack Trends and Insider Threats

Tuesday, December 15, 2020 - 6:00pm

Learn what cyber attack trends California is facing and find out from recent FBI cases how insider threats can pose a threat to your organization. The talk will provide insights from cases that display specific methods in which organizations were victims. How it happened, why it happened, who was affected and lessons learned.  On the heals of National Insider Threat Awareness Month in September the latest best practices and resources will also be shared.

 

 Supervisory Special Agent, Cyber Squad, FBI San Francisco

Supervisory Special Agent, Cyber Squad, FBI San Francisco

 

Cyber-Laundering

Tuesday, November 17, 2020 - 6:00pm

Historically, fraud detection and cybersecurity have been separate disciplines with unique objectives and approaches. But as criminal organizations seek to take advantage of online tools for fraudulent campaigns, they’ve created integrated techniques that encompass elements of both domains. Therefore, professionals charged with defending corporate networks and assets must also come together to defend against these shared adversaries.

Privacy Engineering Demystified: You Too Can Be a Privacy Engineer

Tuesday, October 20, 2020 - 6:00pm

In 2018, GDPR brought data privacy to the forefront. The prior regulation had the impact of “ankle biters” and was often ignored. However, the new version has the potential chomp of a Megalodon for non-compliance. The rapid pace of technology innovation, paired with the maturation of the Internet of Things, digitation/automation efforts along with big/deep data analysis, creates a world where ensuring data privacy seems impossible. Every week there are new reports of data breaches or privacy violations. Two recent examples are Ring Doorbell and Facebook.

Pages