ISSA OTTAWA January 2018 Chapter Meeting

January 25, 2018
5:30 PM - 8:15 PM

Ottawa Novotel - Dawn Room (3rd floor)
33 Nicholas Street
Ottawa, ON K1N 9M7
Venue website

CISSP DOMAINS: Security and Risk Management, Security Assessment and Testing, Security Operations. 

The ISSA Ottawa Leadership Team is delighted to invite you to another solid event. We're welcoming Jay Jacobs, an internationally renowned Subject Matter Expert (SME) for cyber security in data analysys, to help us improve our IT security programs. We're also honoured that local-expert Ben Gardiner will help us better design and protect our system by using threat models and attack trees. 

Tickets are limited. Registration closes on January 21st

JAY JACOBS

Data-Driven Security for Your IT Security Program

We all want to know what can be done to avoid or stop the next breach. However, the complexities of our connected world combined with an intelligent adversary make accurate measurements, and the subsequent decisions, difficult in the best of times. This session will discuss how we have tackled measuring our security programs, why our current path won’t get us there, and how lessons already learned in other disciplines can help us make better security decisions.

Jay Jacobs

Bio

Jay Jacobs is a Data Scientist at BitSight before that, he spent four years as the Lead Data Analyst on the Verizon Data Breach Investigations Report (DBIR). Jay is also a co-founder of the Cyentia Institute, a research firm advancing cybersecurity knowledge and practice through data-driven research. Jay is the Co-Author of Data Driven Security, a book covering data analysis and visualizations for information security. Jay is also a Co-Founder of the Society of Information Risk Analysts (SIRA).

BEN GARDINER

Threat Assessments and Attack Trees – You Can Do This (!)

Engineers are subject matter experts for the systems they design. As a result, they are the most qualified to understand the data flow relationships in these systems. This is a key part of threat modeling software. In order to successfully identify the security needed to effectively protect the system, engineers must threat model early in the design process to yield a much more robust and resilient system. This session will provide engineers with training on threat models and attack trees. This presentation will also give engineers that are interested in securing their systems, but with little to no knowledge of threat modeling, the understanding necessary to perform attack tree analysis. They will leave with answers to the following questions: 1. Why would someone want to create attack trees and a security design review instead of just developing protection capabilities?

2. How are attack trees composed? What are they modeling?

3. What are some best practices for the process of creating attack trees?

4. How can we communicate the results of an attack tree to our colleagues and key decision makers?

Ben GardinerBio

Ben Gardiner is a Principal Security Engineer at Irdeto and a member of the ethical hacking team, specializing in hardware and low-level software security. With more than 10 years of professional experience in embedded systems design and a lifetime of hacking experience, Mr. Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. He brings this knowledge to Irdeto, a pioneer in digital platform and application security. With nearly 50 years of experience, Irdeto’s software security technology and cyber services protects more than 5 billion devices and applications against cyber attacks for some of the world’s best known brands. Prior to joining Irdeto in 2013, Mr. Gardiner held embedded software and systems engineer roles at several organizations. Mr. Gardiner has a Masters of Engineering in Applied Math & Stats from Queen's University. He is also a member of and a contributor to SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2) and the GENIVI security subcommittee.


Agenda

5:30 pm - Doors open for check-in/ Networking
6:00 pm - Dinner is served along with a brief welcome
6:15 pm - Ben Gardiner
7:00 pm – Jay Jacobs
8:15 pm – End of the event

Tickets

$50.00 Non-ISSA members

$40.00 ISSA Member