- This event has passed so registration is closed.
This lively discussion will feature an expert seasoned CISO, with experience of hundreds of incidents, running 4 MSSP’s discussing some of the benefits and downsides to consider when looking for help: MSSP’s, consultants, venders and your business. We discuss how to get the most out of an MSSP while maintaining critical “tribal knowledge” staff and get past “phone it in” SLA based outsourcing. We’ll also cover some ideas to make your Board and C-levels work together on the same team, using IR Desktop exercises and escalating to “the Nuclear Option”
Key Take Aways:
- Awareness of some outsourcing benefits and things to look for and what to avoid
- Some new ideas on how to discuss and share risk information to executives
Lee Neely – Information Assurance APL, LLNL
Lee Neely is a senior IT and security professional at LLNL with over 30 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He teaches cyber security courses, and holds several security certifications including GMOB, GPEN, GWAPT, GAWN, GPYC, GEVA, CISSP, CISA, CISM and CRISC. He is a current ISSA International Board Member and former ISSA International Director, Member of the SANS NewsBites Editorial Board, SANS Analyst, and Security Weekly podcast host. You can keep up with Lee @lelandneely
Pete Nicoletti – Field CISO of the Americas, Check Point
Pete has a long history of support of the ISSA and its mission. He was one of the original 4 board members that started the South Florida chapter and was President of the Group for 4 years and helped grow the chapter to hundreds of members. He started the “Hack for the Flag and Chili Cookoff” and large yearly conferences that are still going strong.
Pete has 31 years of IT and MSSP experience and has been a hands-on CISO for the last 18 years and recently joined Check Point as Field CISO of the Americas. Pete’s experience and leadership was most recently at Cybraics Defense as CISO. This company is an advanced Artificial Intelligence and Machine Learning Analytics formed as a DARPA funded project. Pete is the former CISO of Hertz Global, successfully protecting the brand in over 150 countries, 20,000 employees and 10,000 locations. Pete led Virtustream’s (now a Dell company) efforts as CISO to achieve FedRAMP and NIST 800-53 certification in record time and hosted dozens of US Federal Agencies on its most secure cloud design. Pete started the MSSP, security consulting, Pen/Vulnerability Testing Teams as VP of Security engineering at Terremark and successfully guided these services migration in the Verizon purchase. Pete has been a local S. Florida trailblazer for many years, starting a wireless ISP, a network engineering company and an award-winning CRM-telephony Integration Company.
Pete is a founder, leader and member of numerous security groups and is a Board Member and Board Advisor. In 2017, Pete was honored to be selected as a “Top 100 Global Chief Security Officers.” Pete’s cloud security deployments and designs have been rated by Garter as #1 and #2 in the world and he literally “wrote the book” on secure cloud reference designs as published in Intel Press: “Building the Infrastructure for Cloud Security: A Solutions View.”
Nancy Landreville – Security Project Manager (Contractor for Dept of VA), EMESEC
Dr. Nancy M Landreville is an engineer currently engaged in nuclear physics to develop, design, and deploy APIs that enhance various handheld devices for asset remediation and threat management. As a ten-year senior member of IEEE as of 2022; interests in supporting various facets of structural mechanics have become an important goal in evaluating innovations that include the use of blockchain algorithms for network security monitoring to protect cryptocurrency with the use of smart contracts and Ethereum blockchain for data-in-transit and end point protection. She recently mentored professional students including bank attendees for MIT. In 2015, she accepted a contract with a colleague to develop the Insider Threat program for the Army. The soldiers and officers overseas received the training to maintain a means of behavior in awareness, action, and response for all Inside Threats in various environment during the wars and in peace. Her team was a small group of requested soldiers and Officers to provide input on their experiences to prepare cautionary action in the training. She prepared extensive training detail for each level of the Army from enlisted (E3) to Officer (O6). This training course for all levels is taught as an important knowledge-based effort for military in country and overseas. At the end of the contract, she prepared an After-Action Report. She is an innovator and has served as a computer scientist, engineer, developer, and contributor of guidance with NIST and ISOs with IEEE since 2010. She also served as a Management and Program Analyst for the Office of General Counsel and the Office of Inspector General for the Dept. of Veterans Affairs. She is an author, contributor, reviewer, and working group member. She spoke on forensics for a NIST event, and servs on various councils with INSA and is a senior member and Vice Chair for IEEE. She achieved a GPA of 4.0, honors for several of her degrees and was inducted in three honor societies for academic excellence which included Delta mu Delta, International Golden Key, and the National Society of Leadership and Success, Sigma Alpha Pi. She completed two doctoral programs which included engineering, decision making, security management and information technology. She studied her first doctorate with honors for Doctor in Management (DM ABD) and completed her second doctorate with a PhD in Applied Management and Decision Science. She also holds a Master’s degree in technology management, and an honors Master’s degree in Business Administration (MBA), a Bachelor of Science in Law and a Bachelor of Science in Information Technology Management plus a Certificate of Project Management for IT Professionals, a PLGL Certificate from the University and another from the military, completed of JAG courses for all online and self-study, a Certified Network Defender certification (CND), a Cloud Essentials certification (CE), a Cloud Cybersecurity Architecture certification (CCSA) and various other relevant certifications/certificates. One of her first certification activities was the Microsoft Certified Software Engineer (MCSE) and the A+ with CompTIA in Rockville, MD. She also completed the ranks of Associate Professor, and was promoted to a Full Professor several years ago at the University of Maryland where she has served as an Adjunct, Mentor, Course Developer, Course Chair, and Faculty Advisor. In addition, she is active with the Intelligence and National Security Association (INSA) and serves on the Technical Council and Cybersecurity Council as an advisor and researcher. She also taught Blockchain for MIT professional students and provided a webinar on Ethereum blockchain for MIT. She designed Multiphysics application designs and Network designs for extracting forensic findings. She is also active in Security and Leadership as an ISSA Cyber Executive member at the Chief Information Security Officer (CISO) level of expertise. She has extensive experience as an author, educator, and academic in addition to her service as a former government executive and a military veteran.
ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.