Upcoming Meetings

Privacy Engineering Demystified: You Too Can Be a Privacy Engineer

Date: 
Tuesday, October 20, 2020 - 6:00pm
Topic: 

In 2018, GDPR brought data privacy to the forefront. The prior regulation had the impact of “ankle biters” and was often ignored. However, the new version has the potential chomp of a Megalodon for non-compliance. The rapid pace of technology innovation, paired with the maturation of the Internet of Things, digitation/automation efforts along with big/deep data analysis, creates a world where ensuring data privacy seems impossible. Every week there are new reports of data breaches or privacy violations. Two recent examples are Ring Doorbell and Facebook. Privacy engineering is a technical process that when incorporated into the solution development lifecycle process, can help ensure that data privacy requirements are met and/or at least the gaps are understood and what mitigation steps are needed before the product or solution is made available to customers or implemented within an organization. 

The talk will demonstrate the critical role of privacy engineering and will highlight that software engineers and program/product managers can be privacy engineers. We will provide high level concepts of privacy engineering and discuss how this process can be integrated into an organization’s development lifecycle process. 

Speaker: 

 Deepika Gupta

Deepika Gupta

Deepika Gupta is a Security Architect/ Technical Leader in the InfoSec team at Cisco. Currently, she is the product owner and technical lead for Continuous Security Buddy (CSB) product for OpenStack and OpenShift which provides automated security posture validation of private cloud tenants. Before joining InfoSec team, Deepika was a Security Advocate and Manager/ Technical Leader in Cisco’s Cloud Business unit working on security and quality assurance of OpenStack based NFVi solution. Deepika has also hosted and presented at Cisco’s internal security conference for several years. She is also a pillar lead for Cisco’s Women in Cyber Security.

 

 

 Anjali Gugle

Anjali Gugle

Anjali has over 20+ years' experience in designing solutions and leading teams to secure enterprise and networking services along with sound management background. In her current capacity at Cisco, she is the Architect and Security Officer at Cloud Platform Security Group and her main focus is developing solutions for improving the security and privacy posture of Cisco Products. Her specialty is navigating complex landscapes in the areas of container security and cyberspace privacy issues. Anjali has been an avid speaker at (ISC)2 Security Congress, ISSA, Women of Silicon Valley, an influencer in Networking With A Purpose Silicon Valley series in areas of data privacy and cybersecurity. Her expertise is at the intersection of Networking, and Cybersecurity. Anjali holds a Patent for workload scheduling based on a credit-based mechanism. She is also an Executive Producer of "Diva Motherhood" music video celebrating "mainstream women". Anjali holds a Masters in Computer Science from Dalhousie University, Canada.

 

 
Location: 

Zoom Meeting to be provided for those who RSVP

Hosted By:

Malwarebytes

Cyber-Laundering

Date: 
Tuesday, November 17, 2020 - 6:00pm
Topic: 

Historically, fraud detection and cybersecurity have been separate disciplines with unique objectives and approaches. But as criminal organizations seek to take advantage of online tools for fraudulent campaigns, they’ve created integrated techniques that encompass elements of both domains. Therefore, professionals charged with defending corporate networks and assets must also come together to defend against these shared adversaries. Increasingly, preventing criminals from using corporate platforms for illegal activity has become the responsibility of infosec teams who traditionally focused exclusively on data protection. This requires companies to adopt a new approach that combines digital insights from infosec with behavioral gaps identified by fraud investigations.  

This talk will provide insights from experience in both laundering investigations and cybersecurity to address the most prevalent and damaging cybercrime threats to companies -- and how to defend against them. 

How do we prevent our company from being used for criminal gain? What obstacles prevent us from identifying bad actors and what can we learn from our adversaries to create an infosec/fraud defense collaboration? 

Learning Objectives:

How information security professionals and fraud investigators can work together to build defense and resilience against shared adversaries. 

Techniques for recognizing cybercrime patterns and behaviors that incorporate elements of ransomware, laundering, cyber attacks, and email compromise. 

How infosec teams can shift away from a “cost center” mentality to deliver monetary value to their organizations. 

Speaker: 

 Faranak Firozan

Faranak Firozan

Faranak is an experienced incident commander and investigator, who built the Post Incident Review Program for Uber. Her mission is helping the security industry rediscover the forgotten phase of incident reviews and extracting important learnings into the incident cycle to avoid repeated attacks. Throughout her career, Faranak has also led anti-money laundering initiatives for private banks and wealth management firms, managed incident response, and developed a unique approach to address the converging fields of financial fraud and traditional information security.

 

 
Location: 

Zoom Meeting to be provided for those who RSVP

Hosted By:

Malwarebytes