ISC2 New Jersey Chapter Newsletter

Editor-in-Chief: Tran Cheung

Welcome to the (ISC)² New Jersey Chapter's April 2023 issue!

Our goal is to provide the cybersecurity community with monthly New Jersey Chapter news, upcoming events and initiatives, and timely and relevant articles from our dedicated member volunteers.

We invite you to send any comments or suggestions to communications@isc2chapternj.org.

Newsletter Committee

Ken's Korner

Message from the President

All of our programs and events are in full swing this year! Our mentorship program is starting very soon, our monthly meetings are scheduled for the summer, and we just had our spring Happy Hour and our Community Service Day event.

For this month, we are gearing up for our Spring picnic and our annual cybersecurity conference, SECON NJ 2023. We are also partnering with InfraGard NJ and our members are now able to participate in some of their educational and networking events.

This year is an exciting time to be a member of our chapter, as we now have over 400 members!

Welcome Aboard!

Welcome New and Renewed Chapter Members!

David Bloomer, Frank Costeria, Muthukumar Devadoss, Christian Kyle Crisologo, Emy Casper, Chaitu Atluri, Eran Abromovitz, Julia Srienc, Tatyana Levin, Santu Ghosh, Scot Turley, Nick Beach, Richard Mendoza, Peter Cintula, Joel McManus, Christopher Kelly, Ashutosh Mehta, Thaddeus Johnson, and Casey Rauth.

Note for all potential members: Click here to watch a special video from our Welcoming Committee. In this video, they discuss why they love being a member of our chapter. Special thanks to Sammi Fishkin for producing this video!

New Initiatives

(ISC)² Chapter Impact Challenge

Our chapter has accepted the (ISC)² Chapter Impact Challenge for 2023!

The Chapter Impact Challenge is an annual program that provides targeted opportunities for (ISC)² Chapters to be part of the Center for Cyber Security and Education’s global movement for social good through cybersecurity.

Each year, the Challenge will focus on different Center programs and initiatives. Chapters log their volunteer hours and donations each month and receive incentives for participating throughout the year.

This year, our challenge is to bring awareness to (ISC)²'s new "Certified in Cybersecurity" certification. We'll be promoting this certification via bootcamps, study groups, fund raisers, LinkedIn posts, etc.

We strongly believe that the Center for Cyber Security and Education is a worthy cause, so please join us and help make an impact!

Chapter Scholarships!

This year, we will start giving out scholarships to those in financial need and meet our eligibility criteria.

While we are still working out the details for our scholarship program, eligible receipts would receive either a free (ISC)² exam fee and/or a voucher to pay for the first year of your Annual Maintenance Fee (AMF) towards (ISC)²'s new "Certified in Cybersecurity" certification. (A $50 savings.)

If you would like to apply for a scholarship and are an (ISC)² New Jersey Chapter member in good standing, please fill out this form.

Upcoming Events

Public Speaking Workshop

Date: Thursday, May 11th, 2023
Time: 7:00 p.m. to 8:00 p.m.
Location: Virtual Event

Register here.

All (ISC)² New Jersey Chapter members are welcome to join us for this free public speaking program that will be held on a monthly basis.

May 2023 Picnic

Our Spring Picnic is back!

Date: Saturday, May 20th, 2023
Time: 12:00 p.m. – 4:00 p.m.
Location: Roosevelt Park, Edison, NJ (accessible by train)
Cost: FREE!

Bring your family or someone who might want to join our chapter!

Register here.

SECON New Jersey 2023

Please join the (ISC)² and ISACA New Jersey Chapters for their annual cybersecurity conference, SECON NJ 2023 to be held at Kean University, followed by a fun networking event. A virtual option is also available, but onsite is highly encouraged for those that live locally. Please note that this event is easily accessible via train. See below for conference details.

Event Website: njsecon.org

Event: SECON NJ 2023
Date: Thursday, June 1, 2023 | 9:00 a.m. to 5:00 p.m.
Location: Kean University, 1075 Morris Avenue, NJCSTM/STEM Building, Union, NJ 07083
Virtual Location: gather.town

Presenters: Three Keynotes PLUS over 30 speakers/panelists!
Ira Winkler - Field CISO at CYE Security
Michael Geraghty - CISO of NJ
Niloufer Tamboly - Co-Founder/Past President of (ISC)² New Jersey Chapter

We will also be having a Career Track, where attendees can have their resumes reviewed, learn how to improve their social media presence, have their headshot taken, and more!

Registration: Eventbrite Registration

Onsite Registration Fee: $75 for members of (ISC)² and ISACA NJ Chapters / $150 for non-members (lunch will be provided)
Virtual Registration Fee: $50 for members of (ISC)² and ISACA NJ Chapters / $100 for non-members

Note: The (ISC)² New Jersey Chapter’s annual dues are $75, so you can become a member and only pay $75 to attend the conference. (No (ISC)² certification is necessary to join our chapter.)

CPEs: (ISC)² certification holders will earn 7 CPE credits for attending either conference.

SECON 2023 Sponsors

SECON NJ 2023 is supported by these great Sponsors:

Gold Partner Sponsors:

Pondurance
Votiro
Thrive
Esentire
IGI Cybersecurity
mSOC
Marcum Technology
ExtraHop
Grand Canyon University
Format Cyber
Berkeley Varitronics Systems

Silver Partner Sponsors:

ISG - Intelligence Service Group
Rainbow Secure
Cyber Inspired

June 2023 Monthly Meeting

Date: Thursday, June 29th, 2023
Time: 6:00 p.m. - 8:00 p.m.
Location: Virtual

Presenters:
Max Henderson - Senior Manager of Incident Response at Pondurance.
Kip Boyle is the CEO of Cyber Risk Opportunities. He is also the co-host the podcast Cyber Risk Management and is an Amazon best selling author and international keynote speaker for “Crush Your Interviews & Negotiate Your Salary"

Register here.

Volunteer Opportunities

SECON NJ 2023 Volunteer Opportunities

We are looking for SECON NJ 2023 Career Track volunteers (onsite only). We need members to take headshots, review resumes and other career assistance. If you are interested, please sign up here.

Member Bios

Member Spotlight - Aneta Klepacka

Current Initiatives

JuMPstart Mentorship Program

We have had so many people reach out to join the program ... but we want more to make this the best session in our chapter history! If you are motivated to learn from others or share your experiences, come join us!

We are aiming to launch on June 1st, the deadline to be part of the kick-off is the 12th of May.

If you are interested in becoming a mentor or mentee, please fill out this google form or feel free to reach out to Matt Lang via email or LinkedIn:

Linkedin: Matthew Lang, CISSP, CCSP | LinkedIn
Email: mentoring@isc2chapternj.org

To summarize the expectations:
We ask for a 5-month commitment to 2-3 hours per month to be a mentor or mentee. We have the ability to exclude a month to suit your schedule, please note it on the form. We link mentors and mentees together with some guides on how best to succeed. We also have chapter volunteers guiding the engagement direction!

JuMP Program details can be found on the website here.

For this upcoming session, we are emphatically re-engaging with our participants to ensure a solid connection. We believe that this will help us build a stronger community and provide better support to our members. Thank you for your continued support!

Registration Form: Sign up here

Join Our Discord Server!

We now have over 270 members on our Discord Server!

By adding a Discord server to the mix of our communication tools, we now have real-time collaboration between our members 24/7.

For those members that want to communicate on a variety of topics between meetings using Discord, just send Ken an email at president@isc2chapternj.org to get the link.

The members of the Discord Committee are Bryon Singh, Tran Cheung, Giovanni Mercado, John Linkowsky , Krishna Nekkalapudi, Matthew Lang, Michael LeBlanc, Nikunj Shah, Brett Smith and Saurabh Sagdeo.

Discord Blog

Interview with Jose Rodriguez and his journey to CISSP by Bryon Singh

Bryon: What was your motive or inspiration for considering taking the CISSP?
Jose: It really stemmed from the people around me who had the CISSP which encouraged me to pursue the CISSP and to give it a shot. I also was inspired by people from the (ISC)² New Jersey Chapter event. I spoke with Ken, the chapter president, and he said straight up to me “GO FOR THE BIG ONE!” Then, I spoke with David Garibaldi, a chapter member, who was also at the meeting and gave me the confidence to pursue my goal. One thing that added fuel to the fire was when I would introduce myself and I would say all these great things of my background, but then someone would come and introduce themselves to me and say they have the CISSP. That also motivated me to get my CISSP, so that I can say that about myself as well.

Bryon: What was the CISSP exam like?
Jose: It’s a marathon for sure. Some people finished the exam at the 125th question, but I was one of those people who finished at 175. This test is geared toward throwing questions at you consecutively against your weaknesses. Some of my weaknesses were application security, software and cryptography. I wouldn’t say the test is nerve racking, but it’s a test you need to be well prepped for. Another thing is I believe they give you about 50 questions that aren’t scored, but you should take every question as if it was being scored.

Bryon: How was the prep for this exam and how long did it take you?
Jose: It took me exactly 31 days. I was in the military and I pulled a military approach on studying. I was fit for the stress like being thrown into the deep end of the waters and trying to get out. I took a practice exam without studying to see how I would do during the (ISC)² promotion last year. I did the math for a 31-day timeframe and studied 20 pages a day from the official guide and “Destination CISSP: A Concise Guide.” What I didn’t understand from the books, I followed up with mind maps on YouTube. Each day I would do the same thing and I would go back to review the previous day items on what I didn’t understand. This I called my “Rinse and Repeat” method for 31 days. I also used the official (ISC)² practice exam book.

Bryon: After completing and passing the CISSP exam, what are some things you would have done differently?
Jose: For starters, I do not recommend my military “Rinse and Repeat” approach and feeling pressured in a short time. I would recommend 2-3 months at least to study and prep for the CISSP and rest the day before the exam. I recommend studying the official guide and “Destination CISSP: A Concise Guide” in a 1:1 ratio by reading a domain from the official guide then reading the same domain from the “The Destination CISSP” the next day. The Destination CISSP: A Concise Guide is a graphical and simpler version of the official guide and will break down the complex reading. Afterwards, I would recommend you use the “Rinse and Repeat” method with the 1:1 ratio that I mentioned above and you should have a better understanding of the exam material that is needed for the exam.

Click here to read Jose’s CISSP journey in more detail.

Member Contributions

Critical Data Breach Mitigation Practices by Oladiti Komolafe

Safety and privacy are recipes for running a cyber transaction confidently. We live in a beautiful world of cyber technologies that house our data. However, the data is usually at higher risk of a cyberthreat. To protect the data and operate securely in cyberspace, companies must be proactive in their mitigation tactics and strategies.

Deliberate action must be taken to select and implement safeguards and controls to protect the data against known and unknown attacks, especially when faced with the internet environment. In a bid to keep pace with the changing dynamic world and to combat data cybercrime, Tech Companies are rolling out good products aided by artificial intelligence (AI) and machine learning (ML) to detect and prevent anomaly data traffic.

Click here to continue reading the rest of the article.

Educational Training

Grand Canyon University and (ISC)² New Jersey Chapter Partnership

We are proud to present to our fellow chapter members a new partnership we formed with Grand Canyon University!

Grand Canyon University’s Educational Alliance Participant (EAP) program provides a no-cost, non-exclusive opportunity to support your valued employees’ growth by helping them earn a degree, certificate or take a single course with scholarship benefits.

EAP partnership benefits:

10% off tuition scholarship on the degree or single course
Attend class 100% online with over 250 programs from which to choose
Ongoing support from a local counselor, plus free online tutoring, technical support and more

If you’re interested in learning more about this program, you can reach out directly to Lara Bogner by email lara.bogner@gcu.edu or call 602-247-4608.

https://www.gcu.edu/counselor/lara.bogner

NYU and (ISC)² New Jersey Chapter

The (ISC)² New Jersey Chapter and the New York University Tandon School of Engineering have formed a partnership to further educational and credentialing opportunities for students and the cybersecurity community.

In addition to participating in NYU Tandon events, lectures, career fairs, and other professional development activities, (ISC)² will offer students a full membership completely free giving them access to a network of local industry leaders. As part of the agreement, (ISC)² members can sign up for The NYU Center for Cybersecurity (CCS) mailing list to stay current with research and events featuring leading faculty and industry partners at www.cyber.nyu.edu.

To learn more about this program, click here.

Upcoming Presenters

Max Henderson - Senior Manager of Incident Response at Pondurance

Max leads the Incident Response team at Pondurance, where he has served as an Expert Witness at trial and had forensic casework featured on CBS 60 Minutes. Max routinely speaks at public and private events regarding the latest intelligence within forensics.

Max's forensics background includes Reverse Engineering Malware, having earned Advisory Board status with GIAC for exemplary examination scores on the GIAC Reverse Engineering Malware (GREM) certification.

Kip Boyle - Virtual Chief Information Security Officer (vCISO) for Cyber Risk Opportunities, LLC

Kip Boyle is the founder and vCISO for Cyber Risk Opportunities. The company's mission is to enable executives to become more proficient cyber risk managers. Some of their customers include the U.S. Federal Reserve Bank, Boeing, Visa, Intuit, Mitsubishi and DuPont.

Recordings and Slides From Prior Meeting

April 2023 Monthly Meeting

See below for April 2023 meeting recordings:

John Linkowsky - Lead IT Security Systems Engineer for L3Harris
Tim Medin - CEO of Red Siege

Board of Directors

(ISC)² New Jersey Chapter 2023 Board of Directors

President:
Ken Fishkin
President@isc2chapternj.org

Secretary:
Mallik Prasad
Secretary@isc2chapternj.org

Treasurer:
Priyanka De Abrew
Treasurer@isc2chapternj.org

Education Director:
Jose Lagdameo
Director@isc2chapternj.org

Membership Chair:
John Manley
Membership@isc2chapternj.org

Communications Chair:
Tran Cheung
Communications@isc2chapternj.org

Mentorship Chair:
Matthew Lang
Mentoring@isc2chapternj.org