Platinum Sponsors

Security News

Gold Sponsors


Welcome to the Northeast Florida ISSA Chapter
May 2016 Meeting PDF Print E-mail

May 12th General Mtg & 1Hr CPE Preso 4:30-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Avecto

Cost: $10 for guests, Free to Registered ISSA Members

Our guest speaker: Rodger Colvin

Rodger Colvin is a Senior Technology Consultant at Avectro.


Presentation: Social Engineering: Lessons Learned

In this lively presentation, Rodger will use the analogy of the high street bank to share learnings from security principles of the past that are still valid today. With real examples of social engineering and high profile hacks, Rodger will explain why good security is easy with solid foundations in place. He will share insight and tips of where to start with a defense in depth security strategy that really works in the ongoing quest against cyber threats.


For more information visit:


Visit these websites for additional chapter details:

• Local Chapter Website:

• LinkedIn Group Site:

• Patron Sponsors Page:

Schedule for Remaining 2016 Meetings:
6/9 (Verizon 2016 DBIR)

Chapter goals and leadership principles:

• To have informative chapter events and fun professional social networking

• Share and promote vendor neutral best practices for information security

• Promote the educational and ethical standards, and the knowledge base of the ISSA association and the CISSP certification

More info: Please contact the local Board of Directors of the Jacksonville / NE Florida ISSA Chapter at: ISSA - This e-mail address is being protected from spambots. You need JavaScript enabled to view it

• Board Members: Chris Layfield (Verizon Enterprise), Vicki Harris (Maximus), Scott Manning (Black Knight Financial), David Croxton (FIS), Rob Carver (Black Knight Financial), James Case (Baptist Health)

To join ISSA: Go to and click Join Now. For the Chapter selection, find Northeast Florida chapter.


April 2016 Meeting PDF Print E-mail

April 7th General Mtg & 1Hr CPE Preso 4:30-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Optiv Information Security

Our guest speaker: Danny Pickens, Director Global Threat Intelligence Center

Danny Pickens has over five years of experience within cyber security in the areas of intrusion detection, incident handling and management, and cyber threat analysis and fifteen years of experience as an all-source intelligence analyst covering conventional, asymmetric, and counterterrorism intelligence analysis. Mr. Pickens is currently the Director of the Global Threat Intelligence Center at Optiv, managing a staff of Cyber Threat Intelligence analysts charged with conducting research and analysis to support Optiv’s Managed Security Services. Mr. Pickens also serves as a Brigade S-2 NCOIC in the U.S. Army Reserve.

Presentation: Lessons Learned in Intelligence from an MSS

Intelligence in information security is a hard game to play. In this breakout, we will cover some lessons learned at the MSS level, and how those can be translated to enterprise security operations.


For more information visit:


January 2016 Meeting PDF Print E-mail

January 14th General Mtg & 1Hr CPE Preso 430-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Rapid7

Our guest speaker: Patrick Haley, Sr. Security Engineer

Patrick Haley has worked in technology consulting 10+ years and has spent the last 3 years focused primarily on threat and vulnerability management, penetration testing, and incident response. Pat is a senior security engineer/consultant for Rapid7 and helps to build strong security programs with a focus on proactive security and nimble incident detection and response capabilities. He has worked with companies of all sizes, including those in the Fortune 500 as well as the SMB space, spanning almost every vertical including healthcare, finance, retail, government, and EDU.

Presentation: Can you detect an attacker on your network? Can you respond quickly?

This topic will cover some of the most commonly used attack vectors being leveraged in breaches today, and how most organizations are struggling to 1) detect them and 2) respond to them before critical data is exfiltrated from the network and exposed to the public.

For more information visit:


February 2016 Meeting PDF Print E-mail

February 18th General Mtg & 1Hr CPE Preso 430-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Cigital

Our guest speaker: Jeff Sauntry, Managing Principal

Mr. Sauntry is a Managing Principal at Cigital with P&L responsibilities for five states in the Southeastern US, including Florida. Over the span of the two and half decades he has held senior management roles leading software engineering teams for large Independent Software Vendors (ISVs – Novell & Computer Associates), telecommunications (AT&T Consulting), service providers (Unisys & STMS) and big three consulting firms (KPMG and PWC). He currently holds the following industry certifications: CISSP, PCIP, CISM, CCFE & CFE. He is a fellow Floridian that lives in Bradenton, FL. When he isn’t helping customers solve tough security problems he enjoys digital photography, sport bikes and introducing people to the many awesome aquatic opportunities the Sunshine State has to offer. As a certified commercial captain he loves to hosts on or under the water adventures leveraging his rating as a PADI Master Scuba Diver Trainer to certify new scuba divers.


Presentation: Justifying the Correct Security Spend

Demonstrating and quantifying the value or ROI for security expenditures is a tough and never-ending battle. Like every other competing capital expenditure or operating expense, each organization must try to balance investing in the right amount of security to satisfy the organization’s risk appetite while meeting an ever increasing set of regulatory and privacy requirements. Leveraging open source assessments, utilizing industry specific peer-comparisons, and analyzing emerging industry trends are great ways to build a business case for appropriate budget allocation for strategic initiatives & tactical security projects. During this presentation we will explore some of the key considerations for determining whether you should address an organizational capability shortcoming by building the capability organically in-house, or teaming with an external firm or Subject Matter Expert (SME). Capturing the correct metrics, determining the original source of security vulnerabilities introduction, and creating continuous feedback improvement processes can provide critical data points that an organization can utilize to demonstrate and measure the effectiveness and value of specific security initiatives. Finally, we will discuss the opportunity to reduce the cost of remediation by addressing certain security concerns at optimal stages of application/platform deployment. The output of this discussion will provide attendees with the insight and means to answer senior management’s most frequent question – Are we spending the right amount on information security? In the interest of adhering to the allotted time for this presentation, we will focus primarily on application security, secure software development life cycle (SSDLC), PCI DSS v 3.1 requirements, and security testing; but the approach and recommendations are applicable to a wide range of security initiatives.


For more information visit:


November 2015 Meeting PDF Print E-mail

November 19th General Mtg & 1Hr CPE Preso 430-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: STEALTHbits Technologies

Our guest speaker: Brad Bussie, Director of Product Management, STEALTHbits Technologies

Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possess premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.

Presentation: Cleaning Up AD Once and For All

Active Directory is the technical implementation of your business policy. It provides authentication and authorization services for the majority of IT systems and is growing more complex, less secure, and more difficult to manage over time. In short, AD is a mess. Stale resources, an inability to figure out what groups grant access to, no good processes for granting and revoking access, and no involvement by data owners are just a few of the most common problems associated with a messy AD and they prevent most organizations from meeting their operational and security goals. When Active Directory is out of control, it becomes difficult or impossible to answer basic questions about group membership, ownership, toxic conditions like circular nesting, and where stale resources are costing time and money. A messy AD may also prevent you from completing major initiatives like Identity and Access Management, domain migrations or consolidations, and meeting your audit and compliance needs. In this session you'll learn how organizations of all sizes are approaching the growing problem of Active Directory complexity and ways to be proactive and ensure the success of migrations, consolidation, and ongoing management and protection.


For more information visit:



Page 1 of 4
Copyright © 2016 All Rights Reserved.