July 2019 Monthly Event
5:00 pm - 5:30 pm - Registration & Buffet
5:30 pm - Meeting Starts
5:35 - 6:30 - Session 1: Machine learning Security Threats by Abraham Kang
6:30 - 6:45 - ISACA SV Board Announcements
6:55 - 7:10 - Networking Break (15 minutes)
6:55 - 7:55 - Session 2: Evolution of Malware
7:55 - 8:00 - Raffle and Meeting Adjourn
This session will focus on Machine Learning, which is the future and in some cases the present. Most security professionals and hackers alike are new to this area. At first blush, machine learning looks incredibly difficult. Linear algebra, calculus, statistics, probability, and advanced mathematics. Come to my talk to get a quick understanding of neural networks and the associated hacking methods used against them: trojaning, adversarial examples, adversarial patches, data poisoning, model extraction and training data leakage. Although this talk covers a complex topic, the ideas are explained such that all levels of security practitioners will benefit.
Abraham Kang, CTO, GEEEE, LLC
Abraham Kang is fascinated with the nuanced details associated with machine learning algorithms, programming languages and their associated APIs. Kang has a B.S. from Cornell University. He has worked for various companies helping to drive AI, security, and development. He also worked as Principal Security Researcher for Fortify in their Software Security Research group. Prior to this, Abraham worked in application security for over 10 years. He is focused on the security around AI/ML, application, framework, blockchain smart contracts, intelligent assistants, and mobile applications and has presented his findings at Black Hat USA, DEFCON, OWASP AppSec USA, RSA USA and BSIDES.
__________________________________________________________________
Session 2 - Evolution of Malware
This session will focus on the evolution of malware. After defining the basic terminology in use, the presenter will review the spread of the use of malware to the “death of the traditional anti-malware”. It will then discuss the use of Transport Layer Security (TLS) and others.
Speaker: Tim Mather, Partner, Fortium Partners
Tim Mather is a Partner at Fortium Partners, an IT consulting firm where he has assisted many clients with security issues (including ransomware remediation), developing security programs, and security evaluations. Additionally, he also advises several cybersecurity start-ups on their product strategies and marketing, and a venture capital firm on investments in cybersecurity start-ups.
Previously, Tim has held very senior security positions (e.g., CISO three times) for several high technology companies in the Silicon Valley. He has also worked for three cybersecurity start-ups. Tim is also a Certified Information Systems Security Professional (CISSP), a Certified Information Security Auditor (CISA), and a Certified Information Systems Manager (CISM).
Tim is also passionate about education having his Bachelor’s Degree in Political Economics from the University of California at Berkeley, as well as Master’s Degrees in International Policy Studies from Middlebury Institute of International Studies at Monterey, in National Security Studies from Georgetown University, and in Information Assurance from Brandeis University. He was involved from the inception of the Cyber Security program at Merritt College in Oakland, California and has been teaching classes there since its accreditation.
For fun, Tim loves to read and travel, and spending time with his cats when home.
Tim started his career in the U.S. Army as a Signals Intelligence office (35G), then moved to Washington, D.C. where he worked on a ‘black’ (classified) project as a liaison to the intelligence community for seven and a half years.
________________________________________________________________________________________