2017 Holiday Party

Save the date – invitations coming soon!  

Each year the New England HTCIA Chapter hosts a holiday party.  This year, we’ll be returning to our usual location December 6 from 5:00PM to 8:00PM.    We hope you can join us!

Catch up with friends and colleagues.  Meet new ones.

Cash bar.  Complimentary h’orderves.

2017 Fall Meeting

Our next meeting will be held October 10, 2017. If you didn’t receive an invitation, please email let us know via officers@newenglandhtcia.org.

In addition to taking nominations for 2018 chapter officers, we have three amazing speakers lined up:

Chris Kelly, Director, Digital Evidence Laboratory, Massachusetts Office of the Attorney General Five Things Cyber Investigators and Examiners Should Know for 2018

There are seismic technical shifts in the cyber threat landscape every day that demand constant education and adjustment for the cyber investigator.  But the dynamic technical aspects of cyber-facilitated criminal activity are only some of many challenges that thwart investigations.  During this talk, we will discuss some of the challenges and threats cyber investigators and prosecutors face as we prepare for 2018, that may be flying under the radar and thwarting investigations.  

Paul Asadoorian, Security Weekly, Founder / Offensive Countermeasures, CEO Everything I Need To Know About Security I Learned From Watching Kung Fu Movies

Whether you are a fan of Kung Fu movies or not, this will be an entertaining and informative look at various aspects of computer security. We’ll discuss how to learn computer security, the student & teacher dynamics, practical security tactics for defense and offense and explore some of the political and social aspects of security. Whether you are trying to break into the field of security, trying to defend your network from attackers or just plain want to be a better security professional, this is the talk for you.

(Insert signature “Whaaaaaaaaaaa” sound here) More detailed topics will include:

Your teacher may be reluctant to teach you

The consequences of taking shortcuts in your training

There will always be adversaries more skilled than you

The best defense is to have a good offense

The “softer” skills will more likely than not lead you to victory

Heroes don’t always start out as such

Paul Asadoorian spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. He is the founder of the Security Weekly podcast network, offering several freely available shows on the the topics of information security and hacking. As Product Evangelist for Tenable Network Security Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul studies Kung Fu (Shaolin Long Fist) and, of course, watches Kung Fu movies.

And finally, S/A Doug Domin, FBI Boston will present a case study.

Hope to see you there!

2017 Summer Meeting

The annual summer HTCIA New England Chapter meeting took place on June 26, 2017 at Fidelity Investments in Merrimack, NH.     We hope you enjoyed the meeting!

Jonathan Rajewski

The Internet of Things – What’s Possible? During this presentation, Jon will walk you through how to retrieve digital evidence generated from popular internet of things devices. Topics discussed will include mobile device forensics, cloud data retrieval, jtag and chip-off.  

Jonathan Rajewski is the Director of the Senator Patrick Leahy Center for Digital Investigation at Champlain College. Jonathan leads cyber security and digital forensic research projects and investigations for corporate, nonprofit and governmental entities. He has a passion for helping others understand extremely complex technical topics and cybercrime investigations, which fuels his abilities to teach, empower and advise organizations on how to properly approach the ever-evolving threats on the Internet. Jonathan presented a TEDx presentation on how the Internet of Things is making cybercrime investigations easier – https://www.youtube.com/watch?v=9CemONO6vrY.

Roland Cloutier

The Next-Gen Cyber Defender: Operating, Investigating, and Managing for Cyber Defense in a Digital World.

The security industry and cyber programs have moved far in just a few years from a technology, threat, and efficacy perspective―and they’re not slowing down. Roland Cloutier, Staff Vice President & Chief Security Officer for ADP, and Author of ’Becoming a Global Chief Security Executive‘, will tackle the topic of preparing for the future as a leader in cyber defense.  From over-the-horizon threat management to managing a next generation cyber team, Roland will talk through creating the operational programs, technological ecosystems, and management frameworks necessary to be successful in defending next-gen businesses and societies.

As Staff Vice President and Chief Security Officer of ADP, Roland Cloutier brings an unprecedented understanding and knowledge of global protection and security leadership to one of the world’s largest providers of human capital management solutions. With over 25 years of experience in the military, law enforcement and commercial sectors, Cloutier is one of today’s leading experts in corporate and enterprise security, cyber-defense program development and business operations protection. At ADP, a global provider of comprehensive payroll services and human resources management solutions, Cloutier has functional and operational responsibility for cyber, information protection, risk, workforce protection, crisis management and investigative security operations worldwide.

Gary Miliesfsky

Miliefsky will share his Secrets of Offensive Security which can be used as a stepping stone to defeat cyber espionage, cyber terrorism, cyber crime and even the latest threat – ransomware.

Cybersecurity Ventures predicts global annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion by 2021, which includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.  Global spending on cybersecurity products and services for defending against cybercrime is projected to exceed $1 trillion over the next five years, from 2017 to 2021, according to the Cybersecurity Market Report, which is published quarterly by Cybersecurity Ventures.  The U.S. has declared a national emergency to deal with the cyber threat, while others claim the world is engaged in a global cyberwar.

Gary S. Miliefsky, CEO of SnoopWall, states, “It’s time America stops being reactive and takes an offensive, proactive approach to cyber security.  We’ve had too many breaches and nearly 1B records stolen, which has a tremendous drag on our economy.  I will share insights on how and why we’ve become the #1 Target and what citizens, businesses and government can do by taking a new approach to this tremendous problem.

Gary is the CEO of SnoopWall, Inc. and a co-inventor of the company’s innovative breach prevention technologies. He is a cyber-security expert and a frequent invited guest on national and international media commenting on mobile privacy, cyber security, cyber crime and cyber terrorism, also covered in both Forbes and Fortune Magazines. He has been extremely active in the INFOSEC arena, most recently as the Editor of Cyber Defense Magazine. Miliefsky is a Founding Member of the US Department of Homeland Security (http://www.DHS.gov), the National Information Security Group (http://www.NAISG.org) and the OVAL advisory board of MITRE responsible for the CVE Program (http://CVE.mitre.org). He also assisted the National Infrastructure Advisory Council (NIAC), which operates within the U.S. Department of Homeland Security, in their development of The National Strategy to Secure Cyberspace as well as the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. Previously, Gary has been founder and/or inventor for technologies and corporations sold and licensed to Hexis Cyber, Intel/McAfee, IBM, Computer Associates and BlackBox Corporation. Gary is a member of ISC2.org and is a CISSP®.

2017 Winter Meeting

Our first meeting of 2017 took place at  Kosta’s Center for Homeland Security. The meeting was dedicated to long time chapter member, Fred Howell who passed unexpectedly on October 2, 2016.   In honor of Fred’s longstanding dedication to sharing his expertise in cybersecurity, our intent is to draw speakers from academia.

For those of you who didn’t know Fred, he helped to form our New England HTCIA Chapter in 1994.  Over the years, he was a driving force in our chapter’s evolution into to one of the premier high tech professional organizations in the country. He often provided instruction for chapter meetings.  Fred served in several capacities on the Board and ultimately became Chapter President in 2014. He impacted many of us over the years with his humor, wit and his knowledge of investigations.   His obituary may be viewed at: http://www.legacy.com/obituaries/wickedlocal-abington/obituary.aspx?pid=181724045.

  • Dr. Themis Papageorge, Associate Clinical Professor, Director – Graduate Information Assurance Program Northeastern University discussed Security Risk Management. Professor Themis Papageorge became the director of the Master of Science in Information Assurance Program in 2009. Prof. Papageorge is responsible for overseeing the program curriculum and introducing the online version worldwide. The MS in Information Assurance program, now offered both on-campus and online at Northeastern University, is available to an increased number of domestic and international students. He teaches the foundations of information assurance and the security risk management and assessment courses. Prof. Papageorge’s twenty-five years of corporate experience in technology, planning and process, and system redesign included a decade of executive management positions with information assurance companies. Most recently, he was vice president of services at Guardium, a leader in real-time database security, auditing, and monitoring. Prior to that, he was vice president of services at Courion, a leader in identity access management, authentication, and security. Prof. Papageorge has also held management positions at Digital Equipment Corporation. He received his PhD in risk management and engineering economics from the MIT Sloan School of Management, an MS in naval architecture and marine engineering from MIT, and a BS in naval architecture and marine engineering from National Technical University of Athens, Greece.
  • Sunanda Mani, Master’s candidate, Northeastern University discussed data spillage within the Hadoop and the difficulty of recovering deleted data from its Distributed File System (HDFS). Sunanda has worked as a cybersecurity R&D intern with Schneider Electric.  Sudanda is also Vice President of Northeastern’s Information Systems Security Association (ISSA).
  • Ryan Nolette, Carbon Black (and Chapter Treasurer) provided an Introduction to MAC Forensics.