Upcoming Meetings

Tickets for in-person attendance only

Thursday, September 1, 2022

Title: SSLAdmin, Microsoft’s public and internal CA

Summary: As one might expect of a company the size of Microsoft, the company operates a significant infrastructure for issuing and managing certificates using a custom system known as “SSLAdmin”. Built over decades, with multiple redundancies and controls, as well as an external auditing process, this system powers a massive number of websites, from Microsoft.com itself to hundreds of Azure services, some of which require thousands of certificates issued daily. This 45-minute presentation will explore the technology concepts behind this system and what makes it unique, in addition to some fascinating stories from the trenches and lessons learnt from battle scars.

Erez Benari is a former engineer, journalist and author living in Redmond, Washington. Benari’s career spans several decades with some of the best-known companies in the world, including Intel, Microsoft and NVIDIA. His work, which focused mostly on Information Security, included many years on the ISA Server Dev & Test team in Haifa, Israel, as well as supporting Microsoft’s Forefront line of products: IAG, UAG and TMG. Later on, Benari served as program manager for IIS and for Azure Websites. In his final role with Microsoft, Benari operated the SSLAdmin application as part of Microsoft IT. In early 2022, Benari retired and now spends his time as an artist and social-event organizer.

Presenter: Erez Benari
Time: 6:30-7:30 PM
Location: Mercer Island (register for location) and Zoom

Tickets for in-person attendance only

Thursday, October 6, 2022

Title: Paul Brunson, VP of Engineering

Summary: Developing a practical cybersecurity strategy can be a daunting task. Where do you start? What issues should you address? How do you know what to protect? While each company's strategy will be unique to them, the basic ideas and concepts of an actionable cybersecurity strategy are the same whether you're the CISO of a Fortune 500 company or the Director of IT (who also happens to own Security!) at a mid-market manufacturer. Understanding your business, aligning with corporate strategy, and defining the scope and the risks are just a few of the things that ALL companies must do in order to develop a successful cybersecurity strategy.

  1. Defining your desired end-state

    • Who are you? What does your organization DO?

    • What is most valuable to the company?

    • Understanding the company’s direction and strategy, especially the IT strategy, and the implications to the security strategy

    • Where does security need to BE, in a perfect world, to protect and enable the business?

  2. What is the first step?

    • Understand current capabilities and gaps

    • Asset Mgmt (special emphasis)

  3. Understanding the Threat Landscape

    • This can depend on your industry, type of compute assets, type of data, etc.

    • Where is your company strategy leading to over the next 3-5 years?

  4. Strategy Alignment & Executive Approval

    • Socialize with key stakeholders and decision makers

    • Capture the business value and business drivers teams provide/produce

    • Executive approval

Paul has over 20 years' experience as an IT Security professional and leader, with a broad background leading highly technical teams in multinational telecoms, global cloud providers, and SaaS-provider environments. He is deeply experienced in Vulnerability Management, Intrusion Detection & Prevention, Incident Response, Security Architecture, Security Policy, Network Security Monitoring, Security Program (ISMS) Development, SDL, and numerous Compliance Programs.

Presenter: Paul Brunson
Time: 6:30-7:30 PM
Location: Mercer Island (register for location) and Zoom


2 June 2022

Javier Salido

The evolution of privacy and the ethical use of machine learning in the tech industry

[Archived Video - Coming Soon!]

5 May 2022

David Hobbs

Hacking like a White Hat Wizard

[Archived Video - Coming Soon!]

7 Apr 2022

Michael LeSueur

We'll navigate through uncharted security territory by analyzing the attack lifecycle in the cloud and dissecting a real-world attack. The same technology that makes the cloud dynamic can have the opposite effect on an organization’s ability to implement detection and response in cloud environments. This includes adding an additional layer of preventative controls on top of MFA, because MFA is increasingly being bypassed, in O365 for example. Michael LeSueur, Security Engineer at Vectra, will help us navigate through the uncharted security territory by analyzing the attack lifecycle in the cloud, reviewing the top cloud security threats, and dissecting a real-world cloud attack. Additionally, he'll provide key takeaways for managing access, detection and response, and security operations.

[Archived Video - Coming Soon!]

3 Mar 2022

Trey Blalock

Deepfakes, Voice Cloning, Synthetic Identities, and the Future of Fraud.
This talk is a fast-paced overview of some interesting tools and techniques used by threat actors and a discussion of the implications for the future of fraud. Trey will also be discussing some of the long-term issues that defenders need to be aware of, some mistakes businesses need to avoid, and how to protect your organizations from these types of attacks.

[Archived Video - Coming Soon!]

3 Feb 2022

Jon Espenschied

Unified GRC approaches, or "how not to bury people in policies they won't follow."

[Archived Video - Coming Soon!]

6 Jan 2022

Tim Rains

Tim Rains is the author of Cybersecurity Threats, Malware Trends, and Strategies, which covers vulnerability disclosure trends, malware trends, web-based threats, and an in-depth examination of cybersecurity strategies that the industry has used to try to mitigate them. Tim wrote this book after working as the most senior cybersecurity advisor at both Microsoft and Amazon Web Services.

In this session, Tim will share some of the insights from his book and his experiences.

[Archived Video - Coming Soon!]

4 Nov 2021

Lori Murray

The Risk Management Framework is a process that integrates cyber security, privacy, and supply chain mitigations into the system development life cycle. Controls are selected and tailored to the specific needs of each instantiation, allowing a holistic approach to defining security architectures in order to minimize security risk. During this session we explore the basics of the Risk Management Framework as called out in NIST SP 800-53 and associated NIST SP 800 publications.

[Archived Video - Coming Soon!]

7 Oct 2021

Ethan Shackleford

The technology sector today is evolving more quickly than ever, and the rise of new industries is greatly expanding the scope of knowledge required to evaluate the security of systems and environments. It can feel as if we are getting further and further ‘away from the metal,’ especially with the explosion of cloud technology abstracting details even further beyond shiny APIs. But there’s a commonality behind the novel abstractions: hardware. Understanding the operations of this hardware and its exposure to threats is the essential knowledge needed by infosec professionals of all industries to improve security operations.

[Archived Video - Coming Soon!]

2 Sept 2021

Jake Bernstein

Exploring the 2021 Verizon Data Breach Investigations Report. Every year the Verizon cybersecurity team publishes a report analyzing the data and trends from the past year of cybersecurity investigations. Every cybersecurity professional should review the report because it is full of amazing insights and useful trends. This presentation will adapt the content from two episodes of The Cyber Risk Management Podcast to provide a distilled version of the 2021 DBIR and provide ample opportunity for discussion.

[Archived Video - Coming Soon!]

5 Aug 2021

Abraham Kang

GraphQL is coming to replace your REST APIs. Built on the promise of providing more flexible access to your data, there has to be a catch. Come to this talk if you would like a comprehensive overview of the known security vulnerabilities in GraphQL applications. We will also cover mechanisms and design patterns that you can use to secure your GraphQL applications from these attacks.

[Archived Video - Coming Soon!]

3 Jun 2021

Bryan Hurd

Cyber Smoke Jumper – Days, Nights and Weekends in the Life of a Breach Responder. This session is a view into the past, present and future of cyber attacks hitting our companies, communities and families. Leading global teams that General Counsels, CEOs and CISOs call in emergencies or to avoid one, Bryan will be discussing not only some of the trends and technical issues in what the adversaries are doing, related to ransomware, intrusions and extortion, but the way that technical and executive leaders can protect, avoid, or respond to attacks from cyber criminals or insiders. Bryan will also be discussing the skills, certifications, and network of professionals that make collective response to this global threat possible.

[Archived Video - Coming Soon!]

6 May 2021

Joe Szymusiak

Data the Unintended Consequences. Where, what, and how personal data has been used and abused.

[Archived Video - Coming Soon!]

1 Apr 2021

Fernando Maymi

Collective Defense is a multiparty strategy in which each member of a community freely contributes to the cybersecurity of the others and, in so doing, improves its own security. It is the idea that organizations defend as a team. Participants trust each other and cooperate in matters of cybersecurity while remaining competitive in the marketplace. The Collective Defense Framework comprises three components. Cooperation requires that all participants work together to achieve a collective effect that would have been impossible to achieve in isolation. Intelligence entails collaborating on the production and sharing of friendly information and threat intelligence to develop a common operational picture. Activities and initiatives in these first two components are validated, practiced and enhanced through the third component, Training and Exercises.

[Archived Video - Coming Soon!]

4 Mar 2021

Frank Simorjay

Come join us at our upcoming ISC2 Seattle meeting, where Frank Simorjay, ISC2 Seattle Chapter President, will share his expertise from Microsoft and present on the topic of securing privileged access processes and what you should consider in building your own Privileged Access Workstations (PAW).

[Archived Video - Coming Soon!]

4 Feb 2021

Dan Griffin

I will discuss the role that privileged access plays in preventing future SolarWinds-like attacks. I will provide specific examples of hardware and toolchain security measures that you can adopt for secure software development.

[Archived Video - Coming Soon!]

7 Jan 2021

Jean Pawluk (CISSP)

All that glitters... Applying lessons learned to date to emerging technologies.

[Archived Video - Coming Soon!]

3 Dec 2020

Marc Coady (CISSP)

One-man Band - My personal experience as the first IT Security Manager of MOD

[Archived Video - Coming Soon!]

5 Nov 2020

Trey Blalock (CISSP)

Why APTs have Changed the Economics of Security.

[Archived Video - Coming Soon!]

1 Oct 2020

Jake Bernstein (CISSP)

Creating a cybersecurity program that meets the FTC's standard for reasonableness based on the NIST CSF.

[Archived Video - Coming Soon!]