March 2021 – Quantum Computing – Fact vs Fiction

March 4, 2021March 4, 2021 / roanokeinfosec

For March 2021 Rob Perry (CISO from Carilion Clinic) returns with an insightful look at quantum computing and how it could potentially change the IT Security landscape. Never wanting to shy away from the more technical topics Rob’s previous talk regarding BlockChain challenged the most well held beliefs regarding its usage and forced us to look at Block Chain differently. Now we have an opportunity to see where he will take us in this talk. Don’t miss a great opportunity to hear from a local industry leader as we cover “Quantum Computing – Fact vs Fiction”. This meeting will be virtual, and we will send connection details prior to the event. Hope to see you there!

Event Details

March 11th, 2021 @ 5:30pm,

Virtual Event – sign up to RISE email list for connection info

Subject of discussion:

Talk of recent advances in quantum computing has security professionals wondering if encryption algorithms like RSA are now vulnerable and need to be replaced or completely discarded. This talk will provide a brief overview of quantum computing and then pragmatically evaluate whether quantum computing is rewriting the security landscape or if quantum more closely resembles the hype of AI / artificial intelligence. Drinks will be served (virtually), so have your favorite beverage handy.

Presenter Bio:

Robert Perry is the Chief Information Security Officer (CISO) for Carilion Clinic, one of the largest hospitals and healthcare providers based in southwest Virginia, serving nearly one million in the Virginia community and surrounding areas.

As an expert in the technology industry, Mr. Perry’s charismatic speaking style and passion for technology and cybersecurity have made him a sought after speaker at conferences. Speaking topic range in areas including: cybersecurity systems, and tools, attack and counter attack cybersecurity response systems, authentication and access control.

Mr. Perry is a high performance IT leader with over 20 years’ experience managing cybersecurity, technology systems and networking. His business and technology experience has allowed Mr. Perry to align technology initiatives with corporate and organizational business objectives.

He holds dual masters degrees: Masters in Technology Management and a Masters of Business Administration (MBA). Mr. Perry’s licenses and certificates include: CISSP (retired), CISA, CCSP, and CCNA-Voice

July 2020 – Password Attack and Defense

July 1, 2020August 6, 2020 / roanokeinfosec

We’re back! RISE is back for the month of July. Once again, we will be hosting a virtual meeting, but we are hopeful that we will be able to meet in person again very soon. This month we are going to cover end to end password attack and defense. So, what does that mean exactly? First, we will cover how nefarious actors steal your user’s credentials and how they use it, then we will discuss what free tools are available to audit passwords and defend against such attacks. Topics covered will be things like Hunter.io, Phishing-Frenzy, Password Spraying, Hash-Cat, DPAT, have i been pwned, MFA and others.

This will be a high-level overview of the entire kill chain process however if we determine that more discussion is needed in one area, we will discuss getting it on the calendar for a more in-depth review. I am looking forward to seeing all of you at the next meeting. Be on the look out for more information regarding online meeting information.

Meeting scheduled for 5:30 pm, July 9^th. Online meeting details sent via email, please subscribe to the mailing list for more information.

See you all soon

Speaker BIO:

rob

Robert Garbee

Twitter: @robgarbee

RISE: Roanokeinfosec.com

Robert Garbee is a Cyber Security Engineer working for the Carilion Clinic Information Security Department located in Roanoke Va. In this role, Robert is responsible for performing threat analysis, network assessments and compliance auditing for enterprise network systems located in various locations scattered across Virginia. He has more than 25 years of experience in information technology and during that time has held positions in information security, information technology and industrial security. His certifications have included Microsoft Certified Systems Engineer (MCSE), Cisco Certified Network Associate (CCNA) and most recently Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker(CEH). Robert is also a graduate of Liberty University and holds a Bachelor of Science degree in Business Management Information Security.

As a founder of the Roanoke Information Security Exchange (RISE) Robert has been asked to present to both local business leaders and community service groups. Additionally, Robert has provided commentary for featured articles in the Roanoke Times and for WSLS News 10 in Roanoke, VA.

Robert can be contacted via the RISE website at Roanokeinfosec.com, or via email at robgarbee@yahoo.com or via Twitter @robgarbee.

June 2018 — Harden Your Defenses

June 1, 2018 / roanokeinfosec

harden_your_defenses

Mark your calendars to join us on Thursday, June 14th, at R&K Solutions for the next RISE meeting! This month Nate Sykes and James Gray will tag-team to present tools for risk management, compliance, and hardening your Windows-based servers. Learn about resources freely available on-line from the Defense Information Systems Agency such as Security Technical Implementation Guides, checklists, and scripts to ease implementation of secure configurations.

Address: R&K Solutions, 2797 Frontage Rd NW, Roanoke, VA 24017

security_controls

Topic: Harden Your Defenses – Host-based Security in your Risk Management

Summary:

In the next RISE meeting we’ll be discussing one of the layers of Defense in Depth. Specifically, host-based security and how to implement Operating System hardening for Windows systems. We’ll be covering What, How, and Why. DoD Security Technical Implementation Guides (STIGs) will be used to create a secure baseline that you can deploy over and over to improve host-based security in your network. We’ll also be discussing how this maps to risk management and compliance framework controls, and how that can bring value to your organization.

Speaker Bios:

Nate Sykes

Nate Sykes is the IT Director at R&K Solutions and one of the founding members of RISE. Nate has worked in all areas of system and network administration. He has been involved in different aspects of security for the last 6 years, mostly involving prevention and detection. He holds GSEC, GMON and Security+ certifications.

James Gray

James Gray is a security professional working in operations and risk management. Some projects involve continuous monitoring, cloud security, and enterprise compliance. His professional history includes software quality assurance (QA/testing) management, training media development, counseling, education, driving buses, and bagging groceries. When he isn’t managing risk, James can be found enjoying the outdoors, gaming, and thinking about things.

Cyber Security Forum: Web Service Security Best Practices

August 1, 2017 / roanokeinfosec / Leave a comment

cyber-security-aug17_post-image

Hello all, this month’s RISE meeting will be a little different, in fact it’s going to be a lot different. This month we are doubling up with the RBTC. The RBTC will be hosting a Cyber Security Forum highlighting Web Service Security Best Practices on Tuesday August 8^th from 5:30pm – 7:30pm at Virginia Western Community College. The speaker will be Adam Memisyazici from Virginia Tech.

Not only will this provide a great opportunity to learn more about Web Security but this also provides a great opportunity to rub elbows with likeminded technologist from the Valley. Please keep in mind that unlike our meetings the RBTC actually needs to you register for this event. Click on the link provided and register quickly. Also there is a minor cost to attend but they probably have better snacks and drinks than we do so it’s probably worth it. In any case, if you can make it I encourage you to attend.

Lastly, I want everyone to understand that that this will not be the norm for us but I do feel that it is a good fit for us this month. If this works perhaps we will do again sometime in the future, if it doesn’t, well we gave it a shot. I have provided additional details below. Please check them out.

Link to register for the RBTC event and location info.

https://rbtc.tech/2017/07/cyber-security-forum-august-8/

We got the money

September 1, 2016September 1, 2016 / roanokeinfosec / Leave a comment

make it rain

We had another good meeting in August, Rob showed us all how to make it rain. We had some fantastic security discussions on various current topics afterwards as well.

Here are Rob’s slides, Risk Assessment, Technical Review and a few photos:

RISE – Roanoke InfoSec Exchange

The premier InfoSec group in the Roanoke, VA region!

Security Management