CMHSecLunch Announcement

Posted on November 5, 2012 by Brent Huston

We wanted to take a moment and send out a special announcement to our Columbus, Ohio area readers. Brent Huston is pulling together a monthly casual event for IT and InfoSec focused folks in our area. He posted this a few days ago to Twitter (@lbhuston):

#CMHSecLunch 1st attempt – Monday, Nov 12, 11:30 -1pm at Tuttle Mall food court. Informal lunch gathering of infosec geeks. Be There!

We invite all of our local readers to attend. Just have a casual lunch with infosec friends and great conversations. No sign up, no membership fees, no hassle, no fuss. If you can make it, cool, if not, also cool. So, if you have time, drop in and break bread. We hope to see you there.

Let us know on Twitter or in the comments if you have feedback.

Thanks for Another Great ICS/SCADA Security Symposium

Posted on November 2, 2012 by Brent Huston

J0289528

Thanks to all who helped make the ICS/SCADA Security Symposium fantastic again this year. Great conversations, excellent content and such friendly discussions among peers and concerned parties.

Next year, we plan to open the event to attendees from throughout the midwest and hope to get even more participation from manufacturing and those who support critical infrastructures.

Thanks again for all of the hard work that Connie, Chris and the rest of the organizers did to make the event possible. Most of all, thank you for attending, participating and trusting us (and each other) to create such an amazing process of open dialogue. You are all heroes in my book!

Thanks to NEOISF & Ohio State Office of the CIO

Posted on October 31, 2012 by Brent Huston

J0289893

Last week we had a great time in Cleveland speaking at the North East Ohio Information Security Summit. Thanks to the folks who came out to hear us speak and to the great staff of NEOISF for making the event such an amazing thing for all who attend. We look forward to next year!

Thanks, as well, to the Ohio State University office of the CIO. We were pleased to participate in the Information Security Day sponsored by the university and Battelle. Thanks to all who attended that event with the threat of Hurricane Sandy looming large. It was a fantastic interaction with some of the next generation of infosec folks and some of the awesome members of the CMH InfoSec community. Thanks for having us participate and especially for asking us to keynote.

The slide decks for both of these talks are available by request. If you would like to have a copy or set up a time to discuss them, have them presented to your team or engage with us about the content either drop us a line in the comments, reach out on Twitter (@lbhuston) or give your account executive a call at (614) 351-1237 ext 215.

Some pictures from the events are available here:

2012 10oct 25 dsc 0065 smaller

NEO Summit – Picture courtesy of Greg Feezel (Thanks Greg!!!)

Ohio State Information Security Day

ICS/SCADA Security Symposium Reminder

Posted on October 29, 2012 by Brent Huston

COLUMBUS, Ohio October 9, 2012 – The second annual ICS/SCADA Security Symposium, to be held November 1 2012 in Columbus, is designed to serve as a level set for teams and organizations who are actively managing production ICS/SCADA environments. Once again, this full day session will include best practices advice, incident response, detection techniques and a current threat briefing focused on ICS/SCADA providers. Presenters will cover a variety of topics about what is working, what is not working so well in terms of information security, network protection and trust management. To learn more about the event and to see if you qualify to attend, please contact us via email (info<at sign>microsolved(<dot>)com) or via phone by calling 614.351.1237 ext 215. Chris Lay (@getinfosechere) is handling the invitee list for the event and will be happy to discuss the event with you in more detail. Attendance is free of charge, meals will be provided and a limited number of seats are still available if you qualify.

NE Ohio Security Summit – Come Out & See Us!

Posted on October 24, 2012 by Brent Huston

The NE Ohio Security Summit kicks off tomorrow and runs through Friday evening. Chris Lay (@getinfosechere) and myself (@lbhuston) will be in attendance. I will be speaking on Thursday afternoon about Detection in Depth and some other models for doing nuance detection around the enterprise.

While you are there, check out the booth of Managed HoneyPoint partner Hurricane Labs, and hit Chris up for a cup of coffee and a friendly discussion about our services, partnerships and engagements.

We look forward to a great event and give much thanks to the folks who put this amazing Summit together. They are an awesome team, with a ton of great help and a can-do attitude. Their hard work and dedication is what makes this one of the best Summit events of the year. Stop them in the hall and give them a big thanks for all they do!

As always, thanks for reading. If you mention you read the post and use the code word “snazzy” when you come up to chat, I just might have a little special treat for you. 🙂

PS – My talk is in Bordeaux B at 2:30 PM Eastern. See ya there!

MSI Announces The Second Annual ICS/SCADA Security Symposium

Posted on October 9, 2012 by Brent Huston

See YOU at Derbycon!

Posted on September 26, 2012 by Brent Huston

I will be presenting Friday night at 7pm Eastern at Derbycon. Come on out and see us discuss the history, models and cellular nature of cyber-crime. We also plan to cover where we think online crime is likely to go in the next couple of generations and discuss some ideas for what we need to consider to combat the issues.

Drop by or chat in the hallways and we look forward to seeing you. Myself (@lbhuston), Phil Grimes (@grap3_ap3) and Adam Hostetler (@adamhos) will be in attendance. Tweet us if you want to connect!

Have a great weekend!

Oracle CSO Online Interview

Posted on September 24, 2012 by Brent Huston

My interview with CSO Online became available over the weekend. It discusses vendor trust and information security implications of the issues with password security in the Oracle database. You can read more about it here. Thanks to CSO Online for thinking of us and including us in the article.

OWASP Talk Scheduled for Sept 13 in Columbus

Posted on September 10, 2012 by Brent Huston

I have finally announced my Columbus OWASP topic for the 13th of September (Thursday). I hope it turns out to be one of the most fun talks I have given in a long while. I am really excited about the chance to discuss some of this in public. Here’s the abstract:

Hey, You Broke My Web Thingee! :: Adventures in Tampering with Production

Abstract:
The speaker will tell a few real world stories about practical uses of his defensive fuzzing techniques in production web applications. Examples of fighting with things that go bump in the web to lower deployment costs, unexpected application errors and illicit behavior will be explained in some detail. Not for the “play by the book” web team, these techniques touch on unconventional approaches to defending web applications against common (and not so common) forms of waste, fraud and abuse. If the “new Web” is a thinking admin’s game, unconventional wisdom from the trenches might just be the game changer you need.

You can find out more about attending here. Hope to see you in the crowd!

PS – I’ll be sharing the stage with Jim Manico from White Hat Security, who is always completely awesome. So, come out and engage with us!

See you at the Central Ohio BBB Torch Awards

Posted on September 6, 2012 by Brent Huston

Today, our team will be pleased to accept the BBB Center for Character Ethics’ Torch Award! We first announced our selection by the committee back in June, and today we are thrilled to spend an afternoon with the fellow winners, our customers, our families and the Central Ohio Community. We are greatly humbled and excited by our selection for the award and we look forward to continuing to live by the same organizational ethics and dedication to customer service in the coming years.

Special thanks today to our families and mentors who taught us to “do the right thing, even when no one is looking” and to all of the customers and clients that have placed their faith in us over the last (soon to be) 20 years. Without all of you, none of this would be possible.

If you can join us for the luncheon today, we look forward to seeing you. If you can’t, we understand, and we’ll be back to work later today, once again laser focused on protecting you and our critical infrastructure. (We’re still leaving the ISOC in capable hands while we gather for the ceremony… :))

As always, thanks so much for reading and for supporting MicroSolved. We love helping you keep your business, your business… 🙂

[UPDATE] – Much love and thanks to those who attended. What a great event! The best part was meeting the young students who wrote essays about ethics, leadership and engagement. Congrats to all of the winners!

MSI :: State of Security

Insight from the Information Security Experts

Category Archives: Announcements