2020 November Training Session
When: November 04, 2020 - 1300-1630
Registration: Webinarjam Website
ISACA-RTC Members - Free (Log in to register to ensure discounted fee)
All Others: Free
CPEs: Upto 3
Handouts: Will Be Uploaded When available
Detailes on both sessions will be added when available. Please register at the Webinarjam link above.
Session I - CIS controls and the CIS Benchmarks
Are you looking to improve your cybersecurity posture using the resources that CIS curates on behalf of the cybersecurity community? CIS provides material guidance to the community through its consensus based development of the CIS Controls and CIS Benchmarks. The CIS Controls are a set of prioritized safeguards that your organization would adopt in order to evolve your cyber defense program from basic cyber hygiene through to a mature, institutional level cyber defense. The CIS Benchmarks are consensus based guidance for the lowering of the attack surface for more than 140 different operating systems and software. With the CIS Benchmarks you will have access to instant subject matter expertise useful in deploying system hardening. As a compliment to these free tools and resources, CIS offers CIS SecureSuite that allows you to fully maximize the guidance that CIS provides. CIS SecureSuite has key resources available to you through Membership. Join the CIS Member Success Cybersecurity Solutions Engineer for a discussion on the CIS Controls, CIS Benchmarks as well using tools available through CIS SecureSuite to help your organization improve its overall cyber defense.
Speaker: Ronan Tiu,Center for Internet Security
Ronan Tiu is currently a part of the Sales Engineering team as a Cybersecurity Solutions Engineer working with the Member Success and CIS SecureSuite Sales team. In this role he gives technical demos of the CIS SecureSuite Tools and Resources. Further, he helps bring in new members to CIS SecureSuite and helps current members implement and maximize their use of CIS SecureSuite membership resources. Ronan is continually working on training programs and webinars for CIS SecureSuite members that cover the technical aspects of the CIS SecureSuite resources so they better understand how to obtain the most value from their CIS SecureSuite Membership.
Previously Ronan worked in Financial Technology as a technical sales representative for various Fin-tech firms selling Order Management and Trading Execution software. He holds a BA in Philosophy and has SANS certification (GISF).
Session II - Pen tests and best ways to get ahead of them before attackers do
Speaker: Jon David, Manager, Proactive Services,Mandiant Services
Mr. David is a Manager and Mid-Atlantic Southeast (MASE) Red Team Lead based out of Mandiant’s Alexandria office. Mr. David supports both proactive and strategic engagements. He has led Red Teams engagements for DoD, public, and private sectors focusing on assessing the security posture and architecture of agencies and Fortune 10 companies.
With over 10 years of security experience, Mr. David has an extensive background in networking and system administration, both in Windows and Linux environments. He has a thorough understanding of security best practices and vulnerabilities that organizations face from a strategic perspective.
Mr. David commenced his security career as a network analyst for a major defense contractor in DoD and then specialized in Red Teaming. Currently, leading and providing mentorship to a team of 14 full time Red Team consultants, he works to inspire new offensive security techniques as well as defenses. Additionally, he regularly leads multiple, simultaneous, security assessments and remediations for large organizations in excess of 100k+ assets.
Also, giving back to the community, Mr. David teaches courses in Wireless Security and Network Analysis. With exposure to a wide range of threat actor methodologies and tactics, he provides real world perspective on advanced attacks being performed in the wild. This aids his clients reduce their attack surface and increase their understanding awareness of attacks and how to mitigate them.