A breakdown of the complex eco-system of ECrime Actors
Wizard Spider, Carbon Spider, Prophet Spider, no we’re not talking about the next Marvel movie, we’re talking about ECrime Actors. This month we have brought in Cristian Rodriguez from CrowdStrike to discuss how various ECrime groups operate and how they spread evil to organizations like yours. Christian will provide an overview of the observed tactics, techniques and procedures (TTPs) used by various groups and will allow us to see the nasty underbelly of the world of the Spider.
Cristian Rodriguez is a Sr. Sales Engineer with CrowdStrike, working with some of the largest global enterprise clients. His background includes the implementation and consultation of a variety of security tools, such as Endpoint Security, DLP Platforms, Mobile Security, Proxy and IDS/IPS technologies. Before working with CrowdStrike, Cristian worked with the likes of security resellers, NH&A & FishNet Security (now Optiv) and technology vendors such as Forcepoint, & Zimperium.
This will be both a live in person event as well as virtual via Zoom.
We want to thank ECPI for hosting this event. Looking forward to seeing you all there.
Thursday September 9th, 2021 @ 5:30pm @ ECPI Roanoke
5234 Airport Rd NW #200
Roanoke, VA 24012
Two new posts are now available on our YouTube site.
Ed Summer’s talk regarding Automation via Ansible and Rob Perry’s discussion regarding Space Weather. If you missed these meetings now is your chance to see the pros in action.
Automation via Ansible
“Those who shoulder disaster recovery responsibilities won’t want to miss this one. This presentation will introduce the topic of “space weather” and why you should be concerned about it, including strategies you can take to minimize the impact of some worst-case scenarios of solar cycle 25.” -Rob Perry
I get it, what the heck is space weather and why should I be concerned about it? Well Rob Perry is bringing us the goods again. If you have ever attended one of Rob’s presentations you know that he has a great ability to take a very complicated subject, break it down and make it fun and enjoyable with a slant toward security. His previous presentations on Block Chain and Quantum Computing were awesome and we expect this one to be just as good. Stay tuned for more information on this one.
Thanks to SyCom Technologies for hosting
What: Securing Against Space Weather
When: Thursday, August 12th, 5:30 pm
Sycom Technologies Colonnade Corporate Center 2800 Electric Rd #103c, Roanoke, VA 24018
Zoom invitation sent to email
Robert Perry is the Chief Information Security Officer (CISO) for Carilion Clinic, one of the largest hospitals and healthcare providers based in southwest Virginia, serving nearly one million in the Virginia community and surrounding areas.
As an expert in the technology industry, Mr. Perry’s charismatic speaking style and passion for technology and cybersecurity have made him a sought after speaker at conferences. Speaking topic range in areas including: cybersecurity systems, and tools, attack and counter attack cybersecurity response systems, authentication and access control.
Mr. Perry is a high performance IT leader with over 20 years’ experience managing cybersecurity, technology systems and networking. His business and technology experience has allowed Mr. Perry to align technology initiatives with corporate and organizational business objectives.
He holds dual masters degrees: Masters in Technology Management and a Masters of Business Administration (MBA). Mr. Perry’s licenses and certificates include: CISSP (retired), CISA, CCSP, and CCNA-Voice
We’re starting summer off with a great meeting that you’ll want to attend. Special Agent Michael Mehnert of the FBI’s Cyber Intrusions division will join us to discuss the ‘Current State of Affairs’. This is a fantastic opportunity to hear from someone who works with and understands contemporary events of cyber crime.
This will be an in-person only event – be sure to mark your calendar and plan to join us on July 8th! As an additional incentive – we will have pizza at this meeting sponsored by Fortinet!
What: FBI Cyber Intrustions “Current State of Affairs”
When: Thursday, 08 July, 5:30pm
We are very excited to let everyone know about our next live and in person RISE meeting on June 10th at 5:30pm at ECPI in Roanoke, VA. If you can’t make it in person or aren’t quite ready to venture out, that’s fine we will continue to stream the events via our Zoom meeting events. Our next speaker will be our own Ed Summers. Ed will be discussing automation via Ansible. See below…
Automation provides many benefits from “force multiplication” to improved configuration consistency. A modern IT professional should develop an understanding of automation capabilities and concepts congruent to their role in the ecosystem.
This month we’ll explore one such automation tool: Ansible. Initially released in 2012 and acquired by Red Hat in 2015, it is an open-source application for “provisioning, configuration management, application deployment, and intra-service orchestration”. It’s agent-less operation and ability to interface with a wide variety of manageable resources (operating systems, network appliances, container systems, cloud providers) helped it become a common name in automation circles.
The capabilities of Ansible are huge and we’re just going to take a peek. Join us for a blitz introduction to Ansible, some of it’s basic capabilities, and demonstrations of some potential use cases in the context of security. We hope to open your eyes to the possibilities and benefits of automation in your environment and encourage you to explore further how automation can help your team do more, do faster, and do consistently.
Ed Summers somehow lost his way as a Network Engineer and ended up architecting a secure cloud environment for data center migrations. Title-less between Network Engineer and Cloud Engineer, he finds ways to deliver data by understanding both the infrastructure and applications to distill true requirements from stated desires. His current role has forced him to quickly learn cloud environments and adapt traditional on-premises requirements and processes to the new realm. He continues to serve as a senior Network Engineer for an on-premises environment – digging through pcaps, mediating latency disputes, and commenting occasional iRules for one-off application requirements. Ed has done some pretty cool things in his near 20-year career but is never satisfied on his quest to learn more. In his spare time he enjoys learning Python, shooting, ice hockey, and raising his daughter to be better than him. He holds a B.S. in Electrical Engineering from Virginia Tech.
5234 Airport Rd NW #200
Roanoke, VA 24012
Virtual Meeting Info:
Zoom, more info coming
We will not hold a meeting for May – but do not fret! We already have June and July meetings in the works as well as some promising news for the return of in-person events!
RISE is closely watching reports that Virginia may remove gathering restrictions in June pending favorable metrics on vaccinations and infection rates. Keep an eye here on the RISE blog as well as RISE emails as the news develops.
We look forward to seeing you in June and thank you for your continued support!
We’d like to thank our March presenter, Rob Perry (CISO of Carilion Clinic), and all of you who were able to join us for our virtual event! Check out the RISE YouTube channel for this session’s recording. Watch it again or share it with your friends and colleagues!
Many of us have crossed the one-year marker of operating under COVID19 restrictions. Upon awakening to remote work as a requirement for worker safety, businesses rushed to implement remote access and collaboration tools. Although the tools and capabilities are nothing new, the scale of implementation and types of users consuming them was previously unanticipated for some in leadership and security departments.
We have seen 2020 be an unprecedented year for networking and security teams with the explosion of digital transformation and remote working. Rapid pivoting of people, process, and technology to adjust to new operational norms has ensured business continuity, but it hasn’t come without additional security challenges and risks. With more connected people, applications, and devices, organizations need to have a holistic approach to managing cyber risk. With no end in sight to this new shifting landscape and with adversaries on our heels, how do we prepare for what lies ahead? This session will focus on ensuring we addressed the security and network risks of today and are prepared for the challenges of tomorrow.
April 8th, 2021 @ 5:30pm
Virtual Event – sign up to RISE email list for connection info
Renee Tarun has over 20 years’ experience in the cybersecurity and information technology fields with leadership experience in development and engineering, operations, strategy, policy, and portfolio management, across the intelligence community, law enforcement, and private industry.
As Deputy CISO at Fortinet, she focuses on enterprise security, compliance and governance, and product security. Prior to joining Fortinet, she served as Special Assistant to the Director, National Security Agency (NSA), for Cyber and Director of NSA’s Cyber Task Force, in which she advanced NSA’s execution of its cybersecurity and cyber-related missions by overseeing resources; defining and integrating mission capabilities; and shaping agency strategy and national level policy at the White House.
Renee is also a board member for the George Mason University Volgenau School of Engineering, creating synergy between the school and the professional community by addressing workforce development demands, industry expectations, and employment trends.
Save the date! On July 20-22, 2021, the Virginia Cyber Range presents the 2021 Cybersecurity Education Conference. This will be a virtual conference and the Call for Proposals is open for workshops and presentations fitting this year’s theme: “Cracking the Code to Cybersecurity Education”. Follow the link above fore more information and stay tuned to the Virginia Cyber Range website or Twitter (@VaCyberRange) for more information.