—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday November 18, 2015
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always
The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.
Gamify Security Awareness
by Mike Woolard from OEConnection
October was Cyber Security Awareness Month, and instead of the run of the mill policy and paperwork signoff, we decided to train and spread the word in a more effective way, by making a game of it. OEC held various training sessions and security games/events throughout the month culminating in a grand event centered around a CTF competition, sponsored by OEC & SecureState, that involved everything the employees learned throughout the month. We were able to draw interest from all sides of the house – tech, non-tech, & executives and did it all without it being mandatory. This talk will cover what was done, how we did it, what worked, what didn’t and what
Mike is a security analyst who has worked in the IT field for 16+ years. 14 of those years were spent in various IT roles including SysAdmin, SysEngineer, DBA, and NetEngineer. That experience has helped him in his current role, where Michael plays an integral part in all areas of the organization to help secure the processes and procedures. Michael manages risk assessments and pentests of the various web applications OEC builds, and leads the security awareness & education program where he designed many workshops and puts on many events. Mike has worked towards various certifications including the CISSP and CEH and is a contributing member of many local security organizations including Infragard, NEOISF, Clevesec and the Information Security Summit.
Tool Dump <aka> Making Heads Explode
Dave has Been busy over the past few months – with the release of the PenTesters Framework, new Unicorn attacks, the attack platform, and more – this talk will go over the latest and greatest, how to use them, and how to be most effective on offense and defense.
David Kennedy (@hackingdave) is founder and principal security consultant of TrustedSec – An information security consulting firm located in Cleveland Ohio. David was the former Chief Security Officer (CSO) for a Fortune 1000 where he ran the entire information security program. Kennedy is a co-author of the book “Metasploit: The Penetration Testers Guide,” the creator of the Social-Engineer Toolkit (SET), and Artillery. Kennedy has presented on a number of occasions at Black Hat, Defcon, DerbyCon, ShmooCon, BSIDES, Infosec World, Notacon, AIDE, ISACA, ISSA, RSA, Infragard, Infosec Summit, Hack3rCon and a number of other security-related conferences. Kennedy has been interviewed by several news organizations including CNN, The Katie Couric Show, CNBC, Fox News, Fox Business, Bloomberg, Huffington Post, Neil Cavuto, Special Report with Bret Baier, On the Wirte with Greta, Chris Wallace, and BBC World News. Kennedy was formally on the Back|Track development team and Exploit-DB team and co-host of the Social-Engineer.org podcast. Kennedy is one of the co-authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. Kennedy is the co-founder of DerbyCon, a large-scale conference in Louisville Kentucky. Prior to Diebold, Kennedy was a VP of Consulting and Partner of a mid-size information security consulting company running the security consulting practice. Prior to the private sector, Kennedy worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.
Don’t forget to come early, starting at 6:00 PM, for food and soda.
Another great meeting from NEO Info Sec Forum – we hope to see you there!
– NEOISF Board –