Welcome to the ISSA Pittsburgh Chapter

A local chapter of an independent, professional organization committed to improving the effectiveness of Information Security through awareness, education and networking with fellow Security professionals.

A special thanks to our chapter sponsors

Cadre_logo Wombat_logo ism_logo Imperva_logo sophos_logo
Infoblox_logo Fortinet_logo WynnSecure_logo Gigamon_logo Logrythm_logo
Zscaler_logo StealthCare_logo

Chapter Announcements

Chapter Meeting

The next meeting will be held on Tuesday October 3rd. Registration is at 10:30 am and the meeting starts at 11:00 am. Lunch will be at noon and during lunch we will have our second presenter.

Our first presenter is Ken Dickey, Vice President of Business Development for Cadre. Ken will be presenting 'A Path to GDPR (General Data Protection Regulation) Compliance'. Learn what this means, who does this impact and when will this go into effect.

We’ll take a break around noon to grab some lunch then Randy Trzeciak, Technical Manager of CERT’s Enterprise Threat and Vulnerability Management Team and the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute, will present 'Insider Threat Mitigation: Lesson Learned from Actual incidents. The Insider Threat Center has been researching insider threats since 2001 and has amassed a corpus of over 2000 incidents where insiders have caused harm organizations. From these incidents, CERT has developed models of insider behavior (technical and non-technical) that describe how insider incidents tend to evolve overtime. This presentation will focus on lessons learned from actual incidents; provide best practices for the mitigation of insider threats; and provide strategies for building an effective insider risk program.

CERT’s Enterprise Threat and Vulnerability Management Team’s mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing and conducting information security assessments; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. Team members are domain experts in insider threat and incident response. Randy has over 25 years’ experience in a wide-range of topics including: insider threat, cybersecurity, software engineering, project management, information security, and database design, development, and maintenance. In addition to his role with CERT, he also has a dual appointment as Program Director for the Masters of Science in Information Security Policy and Management (MSISPM) program and CERT professor at Carnegie Mellon’s Heinz College, Graduate School of Information Systems and Management. Randy holds an MS in Management from the University of Maryland and a BS in Management Information Systems and a BA in Business Administration from Geneva College.

After the second presentation we will have the drawing for $50 AMEX gift card and lunch. The winner must be present to claim the prize or we will redraw. There will be 2 CPE given to attendees of the lunch meetings.

Meeting location: The Gulf Tower; Gulf Theater. 707 Grant Street on the 3rd floor.
Cost: $10 for members of AITP, ARMA, InfraGard, ISACA, ISC2, ISSA, OWASP, Steel City InfoSec and TRCPA with advance registration

$15 for non-members with advance registration. $5 for students with advance registration

To register in advance for this meeting contact Mike Sotace at mpsotace@edmc.edu. Deadline for advance registration is Friday September 29th, there is an extra $5.00 charge for registration after this date.


On our Events page we have information on the 2nd annual Three Rivers Information Security Symposium