Wherever we turn, it feels like the news is all COVID-19 all the time. Many of us are feeling stressed and overwhelmed, and attackers know it. At Microsoft we’ve seen an increase in the success of phishing attacks, one of the common vectors for malware and ransomware infections. Rather than inventing entirely new exploits, attackers are pivoting their existing infrastructure for ransomware and other malware delivery tools to COVID-19 focused lures to get us to click. In this talk we’ll share insights into how the attackers have shifted their lures and provide recommendations for improving detection and response times to reduce the likelihood these attacks will work.
Diana Kelley is the Cybersecurity Field CTO for Microsoft and a cybersecurity architect, executive advisor, and author. Diana writes her bio here: At Microsoft I lead the Cybersecurity Thought Leadership team and leverage my 30 years of cyber-risk and security experience to provide advice and guidance to CSOs, CIOs and CISOs at some of the world’s largest companies. I also produce the #MyCyberWhy podcast series and host the BrightTALK original series, “The Security (Balancing) Act.” In addition to my work at Microsoft, I serve on the ACM Ethics & Plagiarism Committee, guest lectured at Boston College’s Master of Science in Cybersecurity program, and serve as the CTO and Board Director of the non-profit Sightline Security, as Board member of WiCyS, on the RSA Conference US Program Committee for 2018-2021, was an IEEE “Rock Star of Risk” in 2016, keynote frequently at major conferences, and, with Ed Moyle, co-authored the book Cryptographic Libraries for Developers. Prior to joining Microsoft I worked as the Global Executive Security Advisor at IBM where I built and managed the IBM Security Research publication process.
At IBM I was a regular contributor to X-Force Research, lead author of IBM’s “5 Indisputable Facts about IoT Security” and co-author of the “Securing the C-Suite” and “Cybersecurity in the Cognitive Era” studies. Earlier in my career, I was the VP in charge of the Security and Risk Management Strategies service at Burton Group, a GM at Symantec, the VP of Security Technology at Safe3W, a Manager in KPMG Financial Services consulting, and the Manager of Global Systems Administration at Dataware Technologies.
I have been Chair of a number of conferences for MISTI, served on the Advisory Board for InfoSec World, Structure Security and the Content Committee for the Executive Women’s Forum and speak and keynote frequently at major conferences including: TED, RSA, CyberTech, CompuTex, ComDex, Interop, BlackHat, and InfoSec World. I appear frequently in media as a cybersecurity expert, including: CBS, NBC, NY Times, WSJ, Time, WGBH, and MSNBC.
The open-source “movement,” as it was called in the late 1980s, has certainly changed a lot and increased in popularity. Today, Fortune 100 companies and small start-ups alike are bringing open source technologies into their environments. But some big questions still loom, like: how do I bring open source into the enterprise environment, how do I know the supporting community is healthy, and are these technologies going to stick around or fizzle out just when we need them most? Dr. Kelley Misata shares her insights and approaches in helping organizations confidently work alongside open source communities. Her talk will draw on her direct experiences as former Director of Communications with the Tor Project and currently President and Executive Director of the Open Information Security Foundation (OISF), the organization that oversees Suricata.
Dr. Kelley Misata, CEO of Sightline Security (https://sightlinesecurity.org/), President and Executive Director of OISF (Suricata), and former Director of Communication of The Tor Project – a cyber and information security executive with 15+ years of experience in cyber and information security, marketing, and communications. Expert in bridging the gap between technical and nontechnical audiences in information and cyber security conversations and initiatives. Passionate speaker, advocate and leader in information security, open-source communities, responsible digital citizenship, cyberstalking, and privacy. A business-minded researcher with a groundbreaking dissertation on the cybersecurity of nonprofits. Expertise rooted in direct experience as a survivor of cyberstalking.
Looking for presentations from past meetings? Members can access them HERE on the ISSA.org web site.
Continuing Professional Education Units
ISSA Chicago Chapter meeting attendees are eligible to claim CPE units. CPE allotment is determined by your certification body and is typically one CPE per hour of attendance, with reporting in quarter-CPE increments. For auditing purposes, the start and stop times of your participation will be provided as evidence in an email following the meeting. ISSA Chicago suggests attendees round down to the nearest quarter; i.e., 1 hour 54 minutes would be reported as 1.75 CPEs.
If an attendee participates for less than 15 minutes, the system will not send a confirmation.
Event Anti-Harassment Policy
The ISSA Chicago Chapter is dedicated to providing a harassment-free event experience for everyone, regardless of gender, sexual orientation, disability, gender identity, age, race, or religion. We do not tolerate harassment of event participants in any form. Sexual language and imagery is not appropriate for any event venue, including talks. Event participants violating these rules may be sanctioned or expelled from the event at the discretion of the event organizers/management.
Please follow this link to see the full text of our Anti-Harassment Policy.