Platinum Sponsors

Security News

Gold Sponsors


Welcome to the Northeast Florida ISSA Chapter
October 2016 Meeting PDF Print E-mail

October 27th General Mtg & 1Hr CPE Preso 4:30-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Splunk

Cost: $10 for guests, Free to Registered ISSA Members

Speaker: Rene Aguero

Rene Aguero is currently the Area Manager of Security Markets at Splunk. Prior to Splunk he was at Rapid7. At Rapid7, he helped architect Rapid7 deployments and services ranging from Vulnerability Management, Penetration Testing, User Threat Actor Detection and Attribution. Prior to Rapid7, Rene worked in the financial sector in Southern California as an IT Manager where he designed networks and security solutions to keep PII and Credit Card data secure through the use of FWs, IPS/IDS and various encryption methods. Rene received a Master of Science in Business Administration with Emphasis in IT Security, IT Audit and Computer Forensics from California Polytechnic University Pomona. Rene has appeared on Associated Press and their consuming news agencies on topics like the End of XP and the Anthem healthcare breach.

Presentation: Tipping The Scales Back In Our Favor

The economics of attacks heavily favor the attackers. 0 day vulnerabilities and malware kits are coming with support and SLAs similar to legitimate software vendors. It is becoming increasingly difficult to stop even lower budget attacks because of this. International/Nation state cyberespionage and cyberwarfare fuels the fire of hactivists and cybercriminals by allowing the former bleeding edge tools and techniques to make their way down the chain once they are no longer deemed effective at the government level. Financial institutions were the first business sector to suffer persistent attacks because of the ease of monetization of the data that could be bought and sold on the black market. Large retail sectors quickly followed due to the prevalence and ease of access to credit card data that can quickly be turned into cash. Healthcare targets are next on the cybercriminals lists. Healthcare organizations have not been held to the same data security standards as financial institutions and payment card vendors, but their data is harder to change (SSN, healthcare data). This data can be used to spearfish, perform tax fraud and successfully execute identity theft. All of these events validate the increasing need for advances threat detection systems and ultimately faster and better forensics. Signature based AV is dead. Symantec has said so. Sandboxing can be circumvented with advanced malware that detects whether it is running within a VM. Polymorphic malware and exploits that run at the kernel level are almost impossible to stop. All of the data gathered breaches lead to better spear phishing attacks to the harvesting passwords. These passwords would allow legitimate access to data in networks and in the cloud. Password and stolen credential attacks are not only difficult to detect but also difficult to investigate. Attackers are starting to mine this data that will ultimately be used in future attacks. Forensics tools that focus on user credentials, stolen passwords and lateral movement make it easier to uncover threat actor movements within a network and the extent of the breach. Despite all of the threats heading our way, this is not a moment for despair. This is a time for action. Building security response teams, bringing on security response services and using tools that limit the extent of breaches and attacks are critical to start to tip the scales back in our favor.


For more information visit:


Visit these websites for additional chapter details:

• Local Chapter Website:

• LinkedIn Group Site:

• Patron Sponsors Page:

Schedule for Remaining 2016 Meetings:

Chapter goals and leadership principles:

• To have informative chapter events and fun professional social networking

• Share and promote vendor neutral best practices for information security

• Promote the educational and ethical standards, and the knowledge base of the ISSA association and the CISSP certification

More info: Please contact the local Board of Directors of the Jacksonville / NE Florida ISSA Chapter at: ISSA - This e-mail address is being protected from spambots. You need JavaScript enabled to view it

• Board Members: Chris Layfield (Verizon Enterprise), Vicki Harris (Maximus), Scott Manning (Black Knight Financial), David Croxton (FIS), Rob Carver (Black Knight Financial), James Case (Baptist Health)

To join ISSA: Go to and click Join Now. For the Chapter selection, find Northeast Florida chapter.


September 2016 Meeting PDF Print E-mail

September 22nd General Mtg & 1Hr CPE Preso 4:30-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Quadrant Information Security

Cost: $10 for guests, Free to Registered ISSA Members

Speaker: Champ Clark III

Champ Clark III is a founder and CTO at Quadrant Information Security. Champ got involved in computer and network security at an early age and has been an author for Syngress publishing. He has been a speaker at HOPE, Defcon, CCC and various private events. Champ is the primary author of Sagan, the advanced log analysis engine which helps thousands of users and customer make sense of logs every day

Presentation: Trends Seen In The SOC and Honeypots!

Cyber Security trends across the landscape are impacting all business verticals and threat intelligence processes, both traditional and proactive. We will share cyber security trends and “what we are seeing” from our SOC, monitoring/investigating/validating and alerting 24/7 in real-time to our clients both locally as well as globally. Then we will explore some of the standard methods of big data collection and more traditional threat intelligence processes and how it differs from the proactive approach we feel is the newest way of gathering threat intelligence in turn allowing for better Information Security posture for our clients. For example, we will explore the value and use of honeypots, how they are set up and how they are utilized for intelligence. Some of the traditional methods, although useful, tend to lack context and be reactive. Finally, we will explore how we are being proactively intelligent and utilizing some new quality methods and processes. In particular, we have a patent pending process called the APT Deflector that is a part of our overall BlueDot threat intelligence and Sagan Solution. “If ‘big data’ is the ‘next oil’, then the money will be in the refineries.” We are building the refineries.


For more information visit:


June 2016 Meeting PDF Print E-mail

June 9th General Mtg & 1Hr CPE Preso 4:30-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Verizon


Our guest speaker: Bhavesh Chauhan

Bhavesh Chauhan is a Principal Client Partner - Security Evangelist within Verizon CTO organization. Previously a Principal in Financial Services and lead the Security Engineering and Professional services for the North East Region of Americas, which includes Enterprise, Government and Education customers for Verizon. Bhavesh has over 15 plus years in Cyber Security and Business Continuity Solutions. Bhavesh has served as an Information Security officer, Government Accreditor, Security Principal, Consultant, Engineer and Architect on security engagements; and has delivered various information security engagements to assist customers mitigate risks and improve security maturity across the enterprise. Bhavesh routinely represents Verizon at information security forums and has delivered various public speaking engagements. He is a board member of the ISACA local chapter. Along with his experience, Bhavesh holds a Master’s of Science Degree in Physics and a number of professional security certifications such as CISSP, CISA, and CISM. Furthermore, he has been a CESG certified Information Assurance advisor to UK public sector from 2001 to 2010.


Presentation: Verizon 2016 DBIR

The Verizon Data Breach Investigations Report (DBIR) uses incident data from contributors around the world. But it also calls on the intelligence gathered by Verizon’s expert security teams. Across hundreds of security assessors and consultants, our nine Security Operation Centers (SOCs), our cyber intelligence teams, and forensics labs on four continents, we process tens of millions of security events each day and around five billion events each month. With this intelligence, we help our customers understand the risk, set up their security policies and operations, identify threats, investigate and contain attacks, and address security compliance requirements.


For more information visit:


August 2016 Meeting PDF Print E-mail

August 18th General Mtg & 1Hr CPE Preso 4:30-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Proofpoint

Presentation: Secure Your Organization Against Email Threats

Attackers today do not just use one channel to launch their attacks - they use all of them. Email, social media, networks, and mobile apps are all part of the modern cybercriminal's arsenal, and many of these attacks are invisible to traditional security tools. Effective cybersecurity strategies require more than just accurate detection. Solutions that enable efficient response are also imperative for true protection. Join us to learn how to protect your people, data, and brand from impostor emails, ransomware, and other emerging threats seen in today’s complex threat landscape.


For more information visit:


May 2016 Meeting PDF Print E-mail

May 12th General Mtg & 1Hr CPE Preso 4:30-6pm, Networking 6-7pm with Appetizers

Meeting Location: Sheraton Hotel, Jaguar II, 10605 Deerwood Park Boulevard, Jacksonville, FL 32256

Meeting Sponsor: Avecto

Our guest speaker: Rodger Colvin

Rodger Colvin is a Senior Technology Consultant at Avectro.


Presentation: Social Engineering: Lessons Learned

In this lively presentation, Rodger will use the analogy of the high street bank to share learnings from security principles of the past that are still valid today. With real examples of social engineering and high profile hacks, Rodger will explain why good security is easy with solid foundations in place. He will share insight and tips of where to start with a defense in depth security strategy that really works in the ongoing quest against cyber threats.


For more information visit:



Page 1 of 5
Copyright © 2016 All Rights Reserved.