Ken's Korner
Message From The President
It looks like we are starting out of the gate at full speed. I'm very proud to be on a team with such dedicated volunteers.
Below are some of our highlights for this year so far:
- We registered over 40 new members within just two months
- We're on our 3rd issue of our new newsletter with over 300 subscribers
- Our website has been revamped (isc2chapternj.org)
- Starting a monthly public speaking workshop
- Our average meeting attendance is between 60 and 70 people
This organization is run 100% by volunteers. Please reach out to me to learn how you can be part of making our Chapter a great community to learn, share and build relationships.
Chapter News
Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’
President Joe Biden laid out a series of cybersecurity initiatives last week at his inauguration, including earmarking $10 billion for various cybersecurity defense initiatives. Those included hiring key security personnel to support the Cybersecurity and Infrastructure Security Agency (CISA).
The significance of this strategy is considered paramount, with the U.S. government reeling on the heels of the SolarWinds cyberattack. And, while Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, applauds Biden’s plan, he stressed that it should merely be considered a “down payment” toward a much larger sum needed to invest in digital security.
SolarWinds Hacks: Virginia Regulator And $5 Billion Cybersecurity Firm Confirmed As Targets
A researcher has released a list of 23 new, alleged targets of the unprecedented SolarWinds hacks that formed a huge espionage campaign first revealed in December. The attacks were alleged to have stolen emails from major government agencies, including the Justice Department and the Treasury, and led to breaches at myriad private companies. Now more victim names are coming out, each “handpicked” by the allegedly Russian cyber spies, though the impact on each target ranges from minimal to a mystery.
Cybersecurity: Hacking victims are uncovering cyberattacks faster - and GDPR is the reason why
The amount of time hackers spend inside the networks of compromised organizations before being uncovered has massively declined across Europe -- and GDPR is a key reason for the drop.
Analysis of cyberattacks by researchers at cybersecurity company FireEye reveals that the median dwell time from the start of an intrusion to it being identified has fallen from 177 days last year to 54 days now -- a 70% decrease.
The conclusion in the newly released FireEye Mandiant M-Trends 2020 Report is that this is down to the European Union's privacy-boosting General Data Protection Regulation (GDPR).
66% increase in GDPR data breach notifications across European markets
According to a Linklaters analysis, there has been a major increase of data breach notifications to data protection authorities, with an average increase in notifications of 66 percent compared to Year 1 of the EU General Data Protection Regulation (‘GDPR’).
However, the UK has bucked the trend, reporting a decrease. The analysis covered seven European countries, including Belgium, France, Germany (Free State of Bavaria), Italy, Poland, Spain and the UK, within a one-year period (May 15, 2018 to May 24, 2019).
Upcoming Events
Public Speaking Workshop
Monthly meetings starting on February 11, 2021.
- Conducted by Steven Santamorena, Arthur Hedge, and Ken Fishkin
- You will be able to learn how to improve your public speaking skills in a no-stress environment using proven methods and techniques
February 2021 Meeting Agenda
NJ Chapter February 2021 Meeting will be held on Thursday 2/25/2021.
Presenters:
Alfonso Yi, the Data Privacy Officer at Ralph Lauren, will discuss the current global privacy landscape.
Frank Cicio, Founder and CEO of iQ4, with Alexander Abramov, past ISACA NY president, will discuss how we can become mentors to college and high school students as they gain practical cybersecurity skills to fill our industry's workforce gap.
March 2021 Meeting Agenda
NJ Chapter March 2021 Meeting will be held on Thursday 3/25/2021.
Presenters:
Grace Chi – PulseDive, a NJ based Threat Intelligence startup
Chris Dixon – CohnReznick – Manager of Computer Forensics and e-Discovery
April 2021 Meeting Agenda
NJ Chapter April 2021 Meeting will be held on Thursday 4/29/2021.
Presenters:
Jason Starr and Will Mendez from CyZen - Planning and performing a penetration test
Marene Allison - Chief Information Security Officer at Johnson & Johnson
Annual Social Engineering Awareness Conference (SECON) 2021
This conference is going to be great and here's the latest info on it:
Date: Thursday, May 13th
Time: After work – TBD
Location: A very unique and humorous experience - (virtual of course)
Confirmed Speakers:
Jared Maples – Director of NJ Office of Homeland Security and Preparedness
Sajed “Saj” Naseem – CISO of NJ Courts and Adjunct Professor St. Johns University and Rachael Rakoski – Managing Partner at XPAN Law Partners
James McQuiggan - Security Awareness Advocate at KnowBe4, College Professor, (ISC)2 Chapter President (Central Florida)
Volunteer Opportunities
Volunteer Positions and opportunities
We have the following volunteer positions and opportunities available:
- CISSP study program
- Newsletter contributor – submission date is by February 20th
- Education committee – hard and soft skills
- Mentorship program – will be discussed in more detail at February's meeting
- Speaking opportunities at member meetings
- Facelift for Facebook
If you're interested in any of these volunteer opportunities, please reach out to Ken Fishkin at president@isc2chapternj.org.
Member Contributions
Application 101: Understanding OWASP Top 10 - Part 1 by Disney Paul
Our regular contributor Disney Paul has submitted another article for those interested in learning more about Application Security. This is part one of his three part series.
WHAT IS PAM and WHY YOU NEED IT by Rasheen Whidbee
Another great article by our regular contributor, Rasheen Whidbee. This article discusses the importance of implementing a Privileged Access Management (PAM) solution for your organization.
Where Information Systems Security and Aircraft Maintenance Meet by Edwin A. Brockner
Check out the new article submission from our member, Edwin Brockner. It's about applying his aircraft maintenance knowledge to cybersecurity.
Upcoming Presenters
Alfonso J. Yi
Currently appointed as IT Risk & Data Protection Officer at a Fortune 500 global luxury brand. Prior to this served as Chief Information Security Officer (CISO) for a private consulting firm specialized in regulatory advisory services, and previously held various Governance, Risk, Compliance, and Privacy leadership roles in Energy, Financial Services, Security and Insurance industries.
Alfonso holds a Master's in Information Systems from The Stevens Institute of Technology in Hoboken, New Jersey, and a Bachelor’s degree in Computer Science & Engineering from New York University, Tandon School of Engineering, Polytechnic Institute in Brooklyn, New York.
He also holds various industry accreditations: the ISC2 Certified Information Systems Security Professional (CISSP), ISACA Certified Information Security Manager (CISM), Cybersecurity CSX, and International Association of Privacy Professionals (IAPP) Certified Information Privacy Manager (CIPM) and European Privacy Professional (CIPP/E), and was recognized as a Fellow of Information Privacy (FIP).
Alexander Abramov
Alexander Abramov is a Head of Information Risk at a major global bank in New York. Previously he served as a Director of Information Risk at Bank of New York Mellon, Technology Risk Controller at JP Morgan, Practice Leader for IT Governance and Compliance at EY, and a Head of Application Development and a DISO at Bristol-Myers Squibb.
From 2017 to 2019, Mr. Abramov served as the President of ISACA New York Metropolitan Chapter, the largest ISACA chapter in the world, counting over 4,300 members. He has been a member of the Board of Directors since 2007, serving as a founding Chair of the Corporate Relations Committee and chairing the Strategic Planning, Wasserman Award, and Education Committees. In 2014 and 2015, Mr. Abramov was the founding Program Co-Chair of the New York Metro Joint Cyber Security Conference, co-sponsored by twelve major professional associations in the New York Metro area.
As the President, Mr. Abramov initiated and developed partnerships with the leading cybersecurity education and research organizations: Law Enforcement Alliance for Digital Evidence Response (LEADER); iQ4; and Americas Institute for Cybersecurity Leadership (AICL).
AICL recognized Mr. Abramov as an Executive Fellow in 2019. His other credentials include Certified Information Security Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), and FINRA Series 99.
Mr. Abramov holds both a Master's in Electrical Engineering (Robotics and Automation) and an MBA. He has co-authored two books (“Cyber Risk” and “Governance, Compliance and Supervision in the Capital Markets”) and has presented at over 30 conferences in North America and Europe on topics of Information and Technology Risk.
Frank C. Cicio Jr.
Frank C. Cicio Jr. is CEO and Founder of iQ4 and the Cybersecurity Workforce Alliance (CWA). iQ4’s Workforce Risk, Pathways and Development platform automates the human capital supply chain between business, government and education and will transform our next generation workforce. The CWA’s mission is to improve the technology-risk and additional skills disciplines in STEM and business to scale the college student and employee workforce. Frank is co-Chair of the NICE Career Development and Workforce Planning Framework Sub-Group, focused on institutionalizing Role Profile based competencies and skills across industry sectors. Frank is also a member of the Council on Foreign Relations.
Prior to starting iQ4 in 2007, Frank was a serial entrepreneur in emerging technology for 35 years, taking two start-up companies public, along with one start-up acquisition and one turnaround company acquisition. These results were inspired through world class team building and entrepreneurship, leading to the transformation of high growth private businesses into public market leaders.
Frank is an industry thought leader and evangelist, speaking in boutique as well as major industry forums. His organizations have been recognized globally, winning dozens of awards including Logic Works feature on the front cover of Business Week. He serves on various boards including NYU Poly Advisory Board, ITiB President, venture partner with InSight Capital Partners and the Workgroup Lead for NICE Framework Public Sector.
Frank was born in Queens NY, has a Bachelor of Science Degree in Marketing from Manhattan College, post-graduate work at both Princeton and the University of Pennsylvania’s Wharton School of Business and a patent pending in workforce supply chain technology. He has two teenage boys and a wonderful and supportive wife, coached soccer for ten years, and is a jazz and blues keyboardist and an avid tennis player, skier and fisherman.
Contact – m 201 914 4655 e frank@iq4.com
Recordings and Slides From Prior Meeting
Archived Meeting Recordings
Please visit https://www.isc2chapternj.org/ to access previous meeting recordings.