Thursday, December 14, 2017

5:00 PM – 8:00 PM PST


*Entry to the prize giveaway will be by a free raffle draw during the meeting. Attendees arriving before 5:30 PM will be provided with one free raffle ticket upon arrival. Raffle tickets will stop being issued at 5:30 PM so the meeting may begin on time. Raffle winners must be present to claim prize, or another winner will be drawn.


5:00 Arrivals/Raffle Ticket Issue/Food and Networking

5:30 President’s Opening Address

5:35 PhishMe Presentation – Kevin Flanagan

6:10 Dan Manson

6:20 Alert Logic Presentation – Charles Johnson

7:00 Criterion Systems Presentation – Tamara Jade-Walters

7:30 Raffle Draw and Prize Giveaway

8:00 Meeting End

Featured speakers:


Speaker: Kevin Flanagan, CISSP, CISA

Kevin Flanagan, CISSP, CISA, is the Vice President of Global Sales Engineering at PhishMe. Kevin has more than 20 years of security experience leading the development of teams, building security programs, and designing security architectures. At PhishMe, Kevin leads a team of security experts responsible for assisting clients with development of security programs that improve the role of humans in detection, response, and mitigation of today’s and tomorrow’sthreats. Prior to PhishMe Kevin has served in other consulting leadership roles at large security solutions providers, including RSA Security where he was responsible for customer outreach and subsequent education campaigns in the wake of the 2011 RSA breach.

About PhishMe:

PhishMe is the leading provider of phishing threat management for organizations concerned about human susceptibility and response to advanced targeted attacks. PhishMe’s intelligence-driven solutions empower employees to be an active line of defense and source of attack intelligence by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our phishing incident response platform and phishing threat intelligence enables SOC and IR teams to respond faster to real threats – decreasing the risk of data breaches.

Alert Logic

Speaker: Charles Johnson

Charles Johnson is a 20-year Information Technology professional with roots in secure communications. Charles began his career securing communications for the United States Joint Forces Command (J6) and the Commander in Chief, Atlantic Fleet for the United States Navy. After serving 5 years, Charles also contracted as a consultant under the Navy & Marine Corps Internet privatization project via EDS at the 3rd Marine Air Wing at Marine Corps Air Station Miramar. After some time working in organizations large and small in the private sector, Charles began consulting as a Security Engineer and a Solutions Architect. Today, Charles is the Director of Sales Engineering for Alert Logic and is based in Los Angeles, CA

Abstract: Blurry Concepts & Insecurity

A solid answer to everything is not necessary. Blurry concepts influence one to focus, but postulated clarity influences arrogance. – Christopher James Gilbert

From the NSA to Equifax, the arrogance of those who are responsible for securing data and information systems has never been more prevalent. In kind, with each passing year the Verizon DBIR, the Cisco Annual Cybersecurity Report, and even the ISACA 2017 State of Cyber Security report all show that, despite the billions of US Dollars spent each year on products and services, we remain more vulnerable than ever to attack. With a skills shortage in the workforce and a lack of standards in either training or toolsets, it is truly impossible to be confident in the face of cyber threats.

Insecurity takes on various disguises. Cockiness and arrogance are among the most common. -Luigina Sgarro

It has never been more difficult to work in IT. This evening, we will remove the veil and cover what is truly required to operate information systems and maintain data streams in a secure manner. Note every organization is impervious to attack. The response to an attack is what separates the professionals from the unemployed.

Criterion Systems

Speaker: Tamara-Jade Walters

Tamara-Jade Walters, a leading expert in cybersecurity forensics and Red/Blue Team Operations, will lead a technical discussion on the merging of cybersecurity and operational technology.

OT generally comprises the systems that handle the monitoring and automation of ICS through SCADA systems attached to distributed control systems (DCS), programmable logic controllers (PLCs), remote terminal units (RTUs) and field devices. OT is focused on the automation of machines, processes and systems within a plant.

A recent (and significant) attack was revealed in January 2016, when the Computer Emergency Response Team of Ukraine (CERT-UA) confirmed global suspicion that the previous month’s power outage across several western Ukrainian regions was caused by a malicious attack that left more than 57 power stations in a blackout state.