Dear ISSA-BE Member, Dear Security Professional, In the next message, we would like to inform you about upcoming events and member benefits.
On May 11th, we will organize an event about Cybercrime: The actors, their actions, and what they’re after. The presentation will focus on trends and statistics based on 5 years of the Data Breach & Investigation Report and will be given by the EMEA manager of Verizon Business' Forensics practice who contributed to the Data Breach & Investigation report. The event will take place May 11th, 18.30 at Verizon Business in Leuven. More details will follow soon but please already mark your calendars if you would like to attend.
BruCON 2010 early bird conference tickets and course registrations are now available. Follow one of the excellent courses from some of the world's most renowned security experts. Starting with courses on Social engineering, Advanced Nessus scanning to Pentesting High Security Environments. More information and full list is available on http://2010.brucon.org.
Finally, we would like to inform you about the following member benefits.
Web Application Security_2010_ with Kenneth van Wyk: “Bring your laptop!” This Lancelot Institute event covers the most severe security defects found in today’s web applications and how to remediate them. Students get the opportunity to bring their laptop and participate in hands on exercises in a web application (in a safe environment). This is a 1 day training event for Security Professionals, Web Developers and IT / Enterprise Security Architects. ISSA- members receive a 10% discount on this training. Members are allowed to bring colleagues from software development for the same discount. For more information: http://webapsec.LancelotInstitute.com
Kind regards,
Tom Van den Eynde ISSA-BE Communications & Membership Officer
upcoming events
Written by Webmaster Rob
Apr 09, 2010 at 03:15 AM
We are proud to announce that ISSA-BE will be a partner of BRUCON, a Belgian security and hacker conference held 24-25 September 2010 in Brussels. BRUCON is still looking for speakers. If you have an interesting subject to talk about, please respond to the Call For Papers.
Finally, we would like to inform you about the following upcoming events
Date
Description
27-29/04/2010
InfoSecurity Europe
Register today to attend Infosecurity Europe April 27– 29, 2010 at Earls Court London and discover smart strategies, solutions and technologies for all of your business issues. As an ISSA member you will receive a complimentary pass by registering today. Register free at www.infosec.co.uk/issauk and visit us at Stand: N88
April-June 2010
Eric Van Buggenhout is organizing the SANS SEC 560 "Network Penetration Testing and Ethical Hacking" in Diegem and is looking for people to participate. ISSA Members get a 10% discount.
Togheter with the SANS Institute, Eric will be organizing the SEC560: Network Penetration Testing and Ethical Hacking course in mentor style in Brussels. The course will be held at Ernst & Young's premises in Diegem, each tuesday from 18.00 until 21.00 starting on April 20th and ending on June 22th. The SANS mentor program is designed to guide the students through the course content in ten consecutive sessions, where in each lessen the mentor will walk through the difficult sections of the course, provide hands-on excerises and experience, and if there is some time left, demo some cutting-edge penetration testing techniques. This style is perfect for students who can not spend a whole week at one of the SANS conference in Europe but who can dedicate some time for preparing the class through self-study. All students will receive the official SEC560 course books from SANS and access to MP3 recordings of the official SANS class.
If you know anyone of our colleagues or professional contacts who could be interested, please feel free to forward this email. More information on the course can be found here below:
Course Content Successful penetration testers don't just throw a bunch of hacks against an organization and regurgitate the output of their tools. Instead, they need to understand how these tools work indepth, and conduct their test in a careful, professional manner. This course explains the inner workings of numerous tools and their use in effective network penetration testing and ethical hacking projects. More information on the SANS SEC 560 course can be found at http://www.sans.org/security-training/description.php?tid=1717.
The SANS Mentor program is a self-study learning experience. Students will work independently at their own pace, and are expected to read the course books and any study materials provided -- prior to attending the Mentor-led sessions.
Mentor Biography Erik has been working for Ernst & Young’s Financial Service organisation for the last two years, under supervision of Pieter Danhieux, who is one of SANS's official instructors in Europe for the SEC560 course. Erik is dedicated to IT Security projects, including network and web application penetration testing for large financial institutions. In order to keep his knowledge at the cutting-edge, he travels around Europe attending hacking courses and conferences such as SANS, BruCON, CCC and Hacking at Random. He is also one of the main developers of The Hex Factor hacking challenge, which runs each year on conferences such as BruCON in Belgium and SANS London.
Practical Information Location: De Kleetlaan 2, B-1831 Diegem (Brussels), Belgium Date and time of the 10 sessions: - Tuesday April 20th, 2010 from 18h - 21h: Lesson 1 - Introduction to SANS, GIAC and SEC560 - Tuesday April 27th, 2010 from 18h - 21h: Lesson 2 - Planning, Scoping, and Recon - Tuesday May 4th, 2010 from 18h - 21h: Lesson 3 - Planning, Scoping, and Recon / Scanning - Tuesday May 11th, 2010 from 18h - 21h: Lesson 4 - Scanning - Tuesday May 18th, 2010 from 18h - 21h: Lesson 5 - Exploitation - Tuesday May 25th, 2010 from 18h - 21h: Lesson 6 - Exploitation / Password Attacks - Tuesday June 1st, 2010 from 18h - 21h: Lesson 7 - Password Attacks - Tuesday June 8th, 2010 from 18h - 21h: Lesson 8 - Wireless and Web Apps - Tuesday June 15th, 2010 from 18h - 21h: Lesson 9 - Wireless and Web Apps / Course Wrap-up - Tuesday June 22d, 2010 from 17h - 22h: Lesson 10 - Capture the Flag
Why attend these mentor sessions? - You can register for certification (GPEN: Giac Certified Penetration Tester). - Reduced price when comparing to SANS conferences. - A good chance to meet with peers and expand your professional network in Belgium - Study at your own pace - Access to the MP3 recordings of the official classes - Officials SANS books
Registration The following steps should be taken in order to register for this course: 1) You can register following this link: http://www.sans.org/mentor/details.php?nid=21434. Please include "MENTOR RECRUIT" in the comment box during your registration! 2) Drop an email at
Kind regards,
Tom Van den Eynde ISSA-BE Communications & Membership Officer
ISSA-BE: Yearly Members Meeting - Board Elections - Special Event - Infosecurity 2010
Written by Webmaster Rob
Mar 15, 2010 at 11:01 PM
Dear ISSA-BE Member, Dear Security Professional,
ISSA-BE would like to inform you about the following events:
The Board of the ISSA Brussels-European Chapter is very pleased to once more have an extraordinary speaker for its annual General Assembly! In 2008 we welcomed the distinguished Howard Schmidt, then ISSA International President and currently Cyberczar of President of the USA Barack Obama. In 2009 we welcomed Mr Bruce Schneier, information security guru since decades. And for this year's edition we have the honor of welcoming Chris Hoff, Director, Cloud & Virtualization Solutions at Cisco Systems and Technical Advisor & Founding Member of the Cloud Security Alliance.
In IT and Information Security, the 140-dB-"buzz" words are Cloud Computing and Cloud Security. Chris Hoff is a globally recognized expert and leading thinker on Cloud Security and I can't think of anyone better suited to explain us how to tackle Cloud Security than him! This is your chance to get top-notch information and guidance and to ask questions not many other people can answer!
Please register yourself and attend this incredibly interesting event!
The event will be preceeded by the annual elections for a new Board for the ISSA Brussels-European Chapter. The details concerning the elections will be detailed in a separate e-mail, but you can already find the agenda below.
I hope to see you all attend the elections and event with Chris Hoff!
Kind Regards Tomas Vanhoof ISSA Brussels-European Chapter Vice-President + Education & General Events Officer
Title: The Frogs Who Desired A King: A Virtualization and Cloud Computing Security Fable Set To Interpretive Dance
Description: Aesop wrote a little ditty about some discontented frogs who lived in a pond. They asked Zeus for a new King. They got one. It ate them. The moral of this story is "be careful what you wish for as you might just get it."
The corresponding analog is that of virtualization and cloud security. It's coming, but it's not going to look much like what security looks like today and it's certainly not what people are expecting. On the one hand, it may consume us all because we're unprepared for what we're asking for whilst on the other hand it's a platform change we'll adapt to without much fuss.
We'll discuss the realities of both virtualization and Cloud Computing security and how to deal with the things that don't change and also the things that do profoundly.
Bio :
Chris is Director of Cloud & Virtualization Solutions at Cisco Systems where he focuses on virtualization and cloud computing security spending most of his time interacting with global enterprises and service providers, governments, and the defense and intelligence communities. Previously, he was Unisys Corporation's Chief Security Architect, served as Crossbeam Systems' chief security strategist, was the CISO and director of enterprise security at WesCorp, a $25 billion financial services company and was founder/CTO of a national security consultancy. Chris specializes in emerging and disruptive innovation and what it means to security, and is technical advisor to the Cloud Security Alliance. Chris blogs at http://www.rationalsurvivability.com/blog
Some other interesting info about him :
- Winner of the 2010 RSA Security Bloggers Awards in the category of “Most Entertaining blog” (entertaining AND content-rich AND thought-provoking - just check it out yourself at http://www.rationalsurvivability.com/blog/?tag=cloud-security ) - he is probably the only Director of a multinational organization that has more and bigger tattoos than the above-average rockstar (except maybe organized crime, now that I think of it) - he is one of the people that are defining our industry
Date : Tuesday March 23rd, 2010
Starting time : 1800hrs for ISSA-BE Members - 1900hrs for non-Members
Place :
Cisco (who kindly provide the venue + food and beverages) Pegasus Park De Kleetlaan, 6A B-1831 Diegem Belgium
1800hrs - Welcome for the ISSA-BE Members with sandwiches and beverages in catering room
1830hrs - Start of the ISSA-BE General Assembly & Elections in the conference room.
1900hrs - Welcome for the ISSA-BE Contacts with sandwiches and beverages in catering room
1930hrs - Start of the event with Chris Hoff - part 1 in the conference room
2030hrs - networking break in catering room
2045hrs - part 2 of the event with Chris Hoff (incl.interactivity / Q & A),
2130hrs - Networking drink at catering room (drinks for 60 people)
Registration Procedure :
Registration for the event is free but mandatory. In case there would be more registrations than available seats, ISSA members in good standing will be favoured over other people in a ratio of 70% Members to 30% non-members. Early registrants will have precedence over late registrants. Members as well as non-members register by e-mailing their contact details (name, surname, company/organisation, ISSA Membership Nr) to mentioning "(ISSA-BE Elections+) Event with Chris Hoff" in the subject line respectively.
Registration starts as of March 15th. 2010 and ends on Tuesday March 23rd, 2010 at 1200hrs CET. People that have been put on the waiting list receive their eventual acceptance / refusal on Tuesday March 23rd, 2010 around 1400hrs CET.
If your registration was confirmed, but you can't make it eventually, please inform us via in order to give someone from the waiting list the opportunity to attend.
Kind regards,
Tom Van den Eynde ISSA-BE Communications Officer
ISACA IT SECURITY EVENING INVITATION - Wednesday 24th of March 2010
Written by Webmaster Rob
Mar 09, 2010 at 10:02 PM
dinsdag 23 februari 2010 15:24:11 From: "education" <
> To: "education" <
>
“Information Security in 2020: an evening with Dr. Eugene Schultz”
The speaker to introduce this ISACA IT Security Open Forum: Mr. Marc Vael (ISACA Belgium)
Marc Vael is certification officer of the Belgian Chapter of ISACA and is involved in the promotion and education initiatives of the
ISACA certifications CISA, CISM, CGEIT and CRISC. Marc will lead the talk with the host.
The guest of this evening is Dr. Eugene Schultz, CISM, CISSP: Chief Technology Officer at Emagined Security Inc.,
an information security consultancy based in San Carlos, California, USA. He is the author/co-author of 5 books (Unix security, Internet security, Windows NT/2000 security, incident response, and the latest on intrusion detection and prevention). Eugene has written over 120 published papers. He was the Editor-in-Chief of Computers and Security from 2002-2007, Eugene is currently on the editorial board for this journal, and is an associate editor of Network Security. He is also a SANS instructor, member of the SANS NewsBites editorial board, co-author of the 2005 and 2006 Certified Information Security Manager (CISM) preparation materials, and is on the technical advisory board of 3 companies. He has previously managed an information security practice as well as a national incident response team.
He has also been professor of computer science at several universities and is retired from the University of California at Berkeley. Gene has also been named to the ISSA Hall of Fame and has received ISSA's Professional Achievement and
Honor Roll Awards. While at Lawrence Livermore National Laboratory he founded and managed of the U.S.
Department of Energy's Computer Incident Advisory Capability (CIAC). He is also a co-founder of FIRST, the Forum of Incident Response and Security Teams. Dr. Schultz has provided expert testimony before committees within the U.S. Senate and House of Representatives on various security-related issues, and has served as an expert witness in legal cases.
Schedule for the ISACA IT Security Evening:
17.00 – 17.30 Welcome coffee -
17.30 – 17.40 Introduction on the forum Marc Vael
17.40 – 18.15 Security in 2020 Dr. Eugene Schultz
18:15 – 18:30 Coffee Break
18.30 – 19.30 Security in 2020 Dr. Eugene Schultz
19.30 – 19.45 Conclusions Marc Vael
Miscellaneous: The ISACA IT Security Evening will be in English. Questions and/or suggestions are welcome beforehand in English.
There is no charge for this forum. CPE certifications will only be given to the persons who registered via e-mail prior to the event!
Important notification of attendance: Only registered people will be able to enter the Atos Worldline
For future events: See the ISACA Belgium home page at http://www.isaca.be
Last Updated ( Mar 09, 2010 at 10:23 PM )
Infosecurity2010
Written by Webmaster Rob
Feb 11, 2010 at 11:35 AM
Dear IT Security Professional,
ISSA-BE would like to inform you about the following events:
Infosecurity 2010
ISSA BE is Partner! TheTrade show Infosecurity.be, 24 & 25 March Brussels Expo, offers IT professionals an overview of the latest security technologies, products and services. With a wide range of exhibitors, keynote sessions, comprehensive seminar programme and other activities the show offers a great deal of inspiration for all your security issues.
Would you like to visit Infosecurity? Now the preregistration is open, just click on the banner below:
Dutch Registration:
French Registration:
Keynote speakers
The seminars are divided into management sessions and technical sessions. Seminars by keynote speakers are: ‘Data Security Breaches: An Unstoppable Epidemic?’ by Eugene Schultz (Emagined Security), ‘Data Leakage Prevention: When data goes up and out’ by Noël van den Driessche (KBC Group) and ‘Threat Landscape 2010: Evolution or Revolution?’ by Maksym Schipka (Kaspersky Lab).
Schipka is a widely-known security expert and one of the issues that he will highlight is the need for a common understanding that organisations have to focus a lot more on prevention when it comes to data security. Schipka: “When you approach data security in a proactive way then eventually money will be saved and data will be secured.”
Professional Development Café
One of the keynote activities is the Professional Development Café. Infosecurity.be and (ISC)2 invite visitors to round table discussions and small groups discussions on professional development. Each 40 minute session will offer practical insight and current research into changing demands on the profession and the skills required to meet them.
Infosecurity.be will also have some fascinating Case Studies, where exhibitors show their solutions to your security problems. The show takes place at the same time as the trade show Storage Expo BE (data storage and management). A unique one-stop shopping opportunity: with just one visit, you can kill two birds with one stone!
Data:
Wednesday 24th en Thursday 25th of March 2010
Opening Hours: From 10.00 A.M. to 5.00 P.M. Extra opening night on Wednesday till 7.00 P.M.
Location: BRUSSELS Expo, Heisel
Would you like to visit Infosecurity? Now the preregistration is open, just click on the banner below:
We would like to inform you about our board election results, upcoming events and member benefits.
At our last annual General Members Meeting, we elected a new board. Our new board composition is as follows:
President: Bart Moerman
Treasurer: Xavier Serret Secretary: Thomas Herlea Membership: Tom Van den Eynde
Vice President: Rob Kloots Vice President: Toon Mordijck
Communications: Tom Van den Eynde Education & General Events: Clément Herssens
Website: Rob Kloots External & Public Relations: Bart Moerman
Sponsorship: Johan Meire
Hello all,
There is now a "Brussels European" community where we can: - announce our next events - post documents (presentations, forms, ...) - create and manage discussions - ...
On behalf of the board of ISSA-BE I wish you all a happy new year. In expectations for your security career I will not wish you anything specific. So much as the one security professional hopes his network will remain hacker free, so much another one wishes to have a successful hack to obtain a better budget.
2009 has been the year of the financial crisis. As a security association we also felt that. Thanks to you all we could maintain our membership pretty well in these times. The effect we see is on the time board members have spare to spent on the association. Indeed, the professional involvement was at the detriment of the time available for hobbies like ISSA-BE.
We are now early 2010 and your organisation is continuing with the organisation of new events which will address a variety of professional interests. And to be able to further expand we would like to get more board members, professionals who are willing to spare some time for their colleagues and their professional career. Yes, not only do you have the opportunity to organise interesting events; you also are able to do develop your personal competences. For those who have a CISSP certification, the board activities count for your CPEs!
ISSA-BE has its annual elections in March. Don’t wait till then to become a candidate for the board. Already start now: contact us and join a board meeting to get the feeling of it. Get in touch with one of the board members.
Howard Schmidt is the current president of ISSA.org.
Today the White House announced the President’s new White House Cybersecurity Coordinator, Howard Schmidt.
Howard Schmidt, is the information security expert who President Obama tapped Tuesday as his cybersecurity coordinator and who served as a senior cybersecurity adviser in the Bush administration. He is characterized as a no-nonsense leader who will take no guff from senior White House advisers in advancing the administration's cybersecurity initiatives.
SecAppDev 2010 is an intensive one-week course in secure application development. secappdev.org is a non-profit organization dedicated to improving security skills and awareness in the developer community. The course is a joint initiative with K.U. Leuven and Solvay Brussels School of Economics and Management.
SecAppDev 2010 is the 6th edition of our widely acclaimed course, attended by an international audience from a broad range of industries including financial services, telecom, consumer electronics and media and taught by leading software security experts including
- Dr. Gary McGraw, the Cigital CTO and prolific author. - Prof. dr. ir. Bart Preneel who heads COSIC, the renowned crypto lab. - Ken van Wyk, co-founder of the CERT® Coordination Center and widely acclaimed author and lecturer. - Dr. Richard Clayton of the University of Cambridge Computer Laboratory's security group, well known for his research on security economics. Replacement speaker under way.
The course takes place from February 22nd to 26th2010 in the Groot Begijnhof, Leuven, Belgium, a UNESCO World Heritage site.
For more information visit the web site: http://secappdev.org.
Places are limited, so do not delay registering to avoid disappointment. Registration is on a first-come, first-served basis. A 10% discount is available to paid-up ISSA members.
Flexible Education Solutions for IT Management professionals: Four executive seminars starting Mid-January 2010 at Solvay Brussels School-EM:
Basic principles for the development of Applications and e-Business systems. This module addresses security issues, implementation methodologies, and presentation of usual technical platforms.
ISSA-BE would like to inform you about the following training opportunities for which our members can receive discounts:
BCM Academy
Courses Summer / Fall 2009
Certified Business Continuity Manager : 12 modules spread over 4 months Start: September 17 2009 Price: € 5.988 excl. vat (excl. hotel and dinner)
Business Continuity Management Foundation: 5 consecutive days incl. lunch Dates : October 5-9 Price: € 2.495 excl. vat (excl. hotel and dinner)
Crisis Management & Communication: 2 consecutive days incl. lunch Dates : October 1-2, December 7-8 Price: € 1.395 excl. vat (excl. hotel and dinner)
Business Continuity Management Essentials: 2 consecutive days incl. lunch Dates: September 28-29, December14-15 Price: € 1.395 excl. vat (excl. hotel and dinner)
Workshops Summer School 2009 1 day incl. lunch Crisis management : July 8 or August 19 Business Impact Analysis : July 9 or August 20 BS25999 : Juli 10 juli or August 20 Price: € 395 excl. vat per workshop
ISSA members receive a 10% discount on all offerings.
BCM Academy is het toonaangevende Europese Kennis Management Instituut voor Business Continuity, Disaster Recovery & Crisis Management. Het instituut beschikt over een uniek en breed aanbod van opleidingen, bewustwording, trainingen, diensten en oefeningen met betrekking to Business Continuïteit, Disaster Recovery en Crisis Management. Ons doel is aantoonbaar en blijvend gericht op de duurzaamheid, continuïteit en stabiliteit van uw bedrijf of uw organisatie.
BCM Academy verzorgt eveneens de certificering van het individu en accreditering van uw organisatie.
Cursusaanbod zomer en najaar 2009
Certified Business Continuity Manager : 12 modules verspreid over 4 maanden. Startdatum : 17 september 2009 Prijs : € 5.988 excl. btw (excl. hotel en diner)
Business Continuity Management Foundation 5 opeenvolgende dagen incl. lunch Data : 5 t/m 9 oktober Prijs : € 2.495 excl. btw (excl. hotel & diner)
Data : 1-2 oktober, 7-8 december
Prijs : 1.395 excl. btw (excl. hotel & diner)
Business Continuity Management Essentials 2 opeenvolgende dagen incl. lunch Datum : 28-29 september, 14-15 december
Prijs : € 1.395 excl. Btw (excl. hotel en diner)
Disaster Recovery Essentials
3 opeenvolgende dagen incl. lunch
Datum : 29 juni t/m 1 juli
Prijs : € 1.695 excl. Btw (excl. hotel en diner)
Workshops Summer School 2009 1 dag incl. lunch
· Crisismanagement : 8 juli of 19 augustus · Business Impact Analyse : 9 juli of 20 augustus · BS25999 : 10 juli of 20 augustus
Prijs : 395 excl. btw per workshop
Alle opleidingen worden volledig ingericht op kleinere groepen van overeenkomstig kennis- en ervaringsniveau.
Contact & inschrijvingen Voor verdere informatie of gericht advies nodigen wij u graag uit contact op te nemen met
ISSA Leden hebben bij inschrijving recht op 10% korting.
Just as we hit the Infosecurity.be fair, and as a small reminder for all of you, check out a brief overview of current additional benefits you get when becoming a member of ISSA-BE.
Lancelot Insitute offers a 10% discount for ISSA members when registering for CISM and CISSP trainings.
The Lancelot Institute will be present at Infosecurity.be 2009 today and tomorrow at booth 08.A051. The Institute states that high quality trainings and resources should be available to all professionals and orgnaisations willing to develop themselvers. Their complete business model is built on that principle. Their trainers have experience in the most advanced security environments all over the world. Not just the 'what', yet also the "why and the how" are presented. Security measures are taken not just because they are possible, but because they add value. They do not avoid tough discussions with attendees, but, ont the contrary, stimulate them. Attendees are received in inspiring training locations, equipped with all modern facilities. All of this is said to be delivered agains investments that are considerably lower than elsewhere.
So, 10 % discount for ISSA members for these two training scheduled in Brussels..
Interested? Request information or enroll by using this
link:
Events 
