Welcome to the Pittsburgh Chapter of ISSA

A local chapter of an independent, professional organization committed to improving the effectiveness of Information Security through awareness, education and networking with fellow Security professionals.

A special thanks to our chapter sponsors

Cadre_logo Aruba_logo ism_logo CyberImperva_logo sophos_logo
Infoblox_logo One Identity logo Seiso_logo Gigamon_logo Logrythm_logo
Sentinel One logo Secureworks_logo Logrythm_logo Wombat_logo McAfee_logo

Chapter Announcements

Chapter Meeting

The next meeting will be held on Tuesday December 4th. Registration is at 10:30 am and the meeting starts at 11:00 am. Lunch will be at noon. During lunch we will have our second presenter.

Our first presenter, Brett Tucker is the Technical Manager of Cyber Risk Management in the CERT Program at Carnegie Mellon University’s (CMU) Software Engineering Institute (SEI). Brett will be presenting ‘Connecting the Cyber Professional to the Executive—Integrated Risk Management for the Enterprise’.

Organizations need adaptable, agile frameworks that allow executives to have a real-time view of cyber risks and tools and processes in place to ensure risk management is consistent down to the analyst level.  To address this, the SEI seeks to connect technical expertise to executive decision makers using Enterprise Risk Management (ERM) principles, tools, and processes to facilitate understanding and prioritization of complex risks in the midst of all other enterprise risks competing for response and resources.  Risk management techniques provide a compelling business case with the new revision of OCTAVE risk management process with OCTAVE FORTE.  This presentation will introduce the principles found in OCTAVE FORTE which focuses on building an ERM program for nascent organizations and then drives risk management with a process that spans the risk management life cycle. 

Brett is responsible for a research and development portfolio focused on improving the security and resilience of the Nation’s critical infrastructure and assets with specific focus on risk management and resilience. Brett has 19 years of experience in engineering, risk management, and technical management within the public and private sectors.

Prior to joining the SEI, Brett was the Global Risk Manager for Westinghouse Electric Company where he managed the corporate enterprise risk portfolio and global insurance programs. Preceding that role at Westinghouse, Brett also managed a project controls organization as well as led the engineering, procurement, and installation of Instrumentation & Control suites in AP1000 nuclear power plants. Prior to Westinghouse, Brett served as an intelligence officer at the Central Intelligence Agency and also served as a defense contractor for the Naval Sea Systems Command. Brett is also a veteran of the United States Navy as a member of the Naval Nuclear Propulsion Program. Brett holds a Bachelor of Science degree in Chemical Engineering from the University of Notre Dame, a Master degree in Engineering Management from Old Dominion University, and an MBA from Penn State University. Brett is an active member in the local business community as a member of the Project Management Institute (PMI) and holds a Project Management Professional (PMP) certification from PMI. Additionally, Brett is a member of the American Society for Quality (ASQ) and holds a certification as a Six Sigma Black Belt (CSSBB) from ASQ.

We'll break around noon to grab some lunch and then Seth Hammerman, Sales Engineer for McAfee's Mvision Cloud, will be present, ‘From Prevention to Protection: Data as the New Security Perimeter’.

The traditional security model was invented for a world where IT services controlled data behind the enterprise perimeter. With the rise of cloud and mobile, organizations must shift from a prevention to a protection model. In this session, gain understanding of most common cloud security strategy challenges and solutions.

Seth Hammerman has 20 plus years of experience in Information Security, be it System Engineering, Sales Enablement, or Partner Training. He has worked for companies like NetForensics, Computer Associates, (previously Wily Technologies/Timestock) Infoblox, Netskope, Forcepoint (formerly WebSense) Cloud Harmonics, and Skyhigh/McAfee. 

Always learning, Seth got his EMBA in Technology Management from Stevens Tech in 2012, his CISSP in 2015 and is now tackling the CCSP exam (Certified Cloud Security Professional). When not studying or reading up on Cloud Security, he volunteers his own time at MANNA in Philadelphia (www.mamnnapa.org) Seth is also an avid bicycle rider, he just rode 75 Miles for the BikeMS City to Shore charity event in September of this year. 

After the second presentation we will have the drawing for $50 AMEX gift card and lunch. The winner must be present to claim the prize or we will redraw. There will be 2 CPE given to attendees of the lunch meetings.

Meeting location: The Gulf Tower; Gulf Theater. 707 Grant Street on the 3rd floor.

Cost: $10 for members of AITP, ARMA, InfraGard, ISACA, ISC2, ISSA, OWASP, Steel City InfoSec and TRCPA with advance registration. $15 for non-members with advance registration. $5 for students with advance registration

To register in advance for this meeting contact Mike Sotace at mpsotace@edmc.edu. Deadline for advance registration is Friday November 30th, there is an extra $5.00 charge for registration after this date.