Issue 2

Announcements

Message from the Chapter President

October is Cybersecurity Awareness Month! We are really looking forward to our next in-person event this month with the NOLAsec group. Sarah Anderson, founder of SWA Law and LegallyCyber.com, will provide her legal perspective for cybersecurity. This event will be at TEKsystems in Metairie at 3900 N Causeway Blvd. Suite 660 (registration link in events section below). There will be some catered food and drinks for attendees.

Unfortunately, last month, several of our friends at Stephenson Technology Corporation were sick right before we could meet for the tour of the cyber range. We didn’t want to risk spreading to others so we are rescheduling this event for December and hope to see you there!

We also want to express appreciation to Peter Strouse for leading a virtual meeting with the Chapter. Peter is the CEO and founder of InfoConnect as well as host of the youtube channel/podcast ‘Talant Gap Fireside Chat’. He provided great insight and tips for working with cybersecurity recruiters.

Also, reach out chapter leaders if planning to attend ISC2 Security Congress in Nashville on 25-27.

Visit the Chapter's website and connect with us on LinkedIn
- Website https://www.isc2-cgcchapter.org
- LinkedIn https://linkedin.com/company/isc2-cgcchapter

  • You do NOT need to be ISC2 certified to join the chapter - part of our chapter Mission is to support those interested in gaining certification.
  • The ISC2 CGC Chapter supports All of Louisiana and Mississippi. We also welcome professionals from other areas to join and participate in virtual events.
  • Contact president@isc2-cgcchapter.org to get involved with Chapter leadership meetings or to help support events/activities.
Message from Dr. Darrell Eilts, CISSP  

Events

October Chapter Event

Sarah Anderson, Permission to Think Differently
A joint event with NOLAsec - sponsored by TEKsystems
When: Oct 4th, 5:30 pm
Where: Walk-On's Sports Bistreaux - Metairie, 4436 Veterans Memorial Blvd, Metairie, LA 70006
Click here to Register

Sarah W. Anderson is the owner and founder of SWA Law LLC and LegallyCyber.com. She is the chief legal counsel for the State of Louisiana's Emergency Support Function-17, responding to cyber incidents and conducting cyber law training across the Pelican State.

Prior to founding SWA Law, Sarah was Of Counsel with Alexander Sides Law Firm, in-house counsel with the Cyber Innovation Center (a technology innovation non-profit), and a former partner with a multi-state law firm, representing several fortune 500 companies in toxic tort litigation and property disputes.

Sarah is currently serving as a Judge Advocate in the U.S. Army Reserves. She served as a Brigade Judge Advocate for an Infantry Brigade Combat Team in theater, as well as a Cyber Law Judge Advocate for the State of Louisiana and legal liaison for the Louisiana Cybersecurity Commission while with the Louisiana Army National Guard.

 

Regional Groups

The following are associated groups that meet in major cities across the Central Gulf Coast and have support from ISC2 CGC Chapter Members.

New Orleans Area:
NOLASec Meetup -See above (October Chapter Events)-

Lafayette Area:
DEFCON Acadiana October 11th
The Ruins 1919 Kaliste Saloom Rd.
5:30-7:30 - 2nd Wednesday of every month

Baton Rouge Area:
BRSec TBD for October

Lake Charles Area:
SWLA Cyber Club
Walk-On's Bistro (5313 Common St, Lake Charles)
6pm-7:30pm - The last Wednesday of every month

 

Spotlight

Member Spotlight - Vince Gremillion

Vince Gremillion is the President and the Founding Co-Owner of RESTECH Information Services, Inc. As a business, RESTECH is a long-standing company that has stayed on the forefront of technology for its 30+ years and has overseen the company growth to approximately 40 employees. Vince is well-known as one of the region’s leading experts in technology and is extremely knowledgeable on system and cyber security. He has led the RESTECH team into new markets, capabilities, acquisitions, staffing and areas of expertise throughout his tenure as a leader. He emphasizes communication with clients and maintaining long-term relationships. Another of his business models has been the implementation of a strong “HELP FIRST” ethos and an attitude of continued professional improvement.
Vince provides Cyber Security consulting, assessments, and implementation for the greater business community. He maintains a CISSP and GCIH certification and specializes in IT measures that prevent many modern cyber-attacks from being successful. He is a speaker and presenter of Cyber Security topics for local and regional businesses. Vince often serves as a speaker and presenter for cyber-related issues locally and regionally. He has been married since 1986 and is a proud father of 4. He has been working in technology since the early 1980s. He is active with community and missional improvement efforts. The ISC2 Central Gulf Coast Chapter appreciates Vince's volunteerism which includes presenting the Center for Cyber Safety and Education’s “Safe and Secure Online: Senior Edition” presentation to the Mississippi Gulf Coast Senior Alliance as well as keynote for our monthly members meeting.

 

Q2 Opinion Topic

What is Malware as a Service?

Malware as a Service (MaaS) has come a long way in recent years. While the concept of conducting malicious activities on behalf of another person or organization for money or services is not new by any means, the sophistication and accessibility have steeply increased. This allows a wider audience to participate in malicious behaviors by lowering the knowledge bar, exponentially increasing malicious actors on a daily or even hourly basis. MaaS is profitable, which means it will continue to grow and evolve, it isn’t going to stop. This is not only profitable for those who use the services but for the service providers as well. This provides incentive to stay ahead of defensive measures, and continue to develop new exploits for profitability.

A great article covering MaaS can be found https://infosecwriteups.com/the-rise-of-malware-as-a-service-maas-how-its-changing-the-cybersecurity-landscape-part-1-of-50ca5d166e40 What are your thoughts/concerns/suggestions? Join the conversation on our Chapter LinkedIn group.

 

Protecting personal devices and promoting cybersecurity awareness

A number of best practices can help protect the security of devices and keep you safe online. The following practices help protect both personal and work devices.

Passwords

  • Never share passwords with others
  • Change default passwords set by device manufacturers
  • Using strong passwords (e.g., at least eight characters in length and include a mix of uppercase and lowercase letters, numbers, and special characters)
  • Change your passwords regularly
  • Use a different password for each account
  • Ideally, do not write passwords down – but if you do, keeping them in a secure place separate from your devices
  • When possible, enable the use of multifactor authentication

Security Software

  • Ensure that security software is installed on your devices to protect against malware
  • Protect against newer types of malware, ensure that the software is always up to date
  • Enable automatic updating of security software if this is an option
  • Use security software to scan external devices, such as USB flash drives, for malware before using the devices

Physical Security

  • Do not leave devices unattended or unlocked; lock devices or carry them with you
  • Minimize the storage of sensitive data on devices

Online Security

  • Always verifying the source of a communication before opening it
  • Do not click links or download files if you're unsure of their source
  • Scan files for possible malware before downloading them
  • Verify that sites are secure before making financial transactions
  • Limit activities and access when using Wi-Fi hotspots
  • Keeping yourself informed about current scams and ways to stay safe online
  • Be wary of unsolicited communications
  • Log out of accounts and off social media sites after using them
  • Limit what you share online

Backup

  • Create a backup and recovery plan! (e.g. daily, weekly, monthly - primary & secondary backups where practical)
  • Store backups on cloud or a separate device
  • Encrypt backups (e.g., enable 256-bit AES encryption)
 

ISC2 CGC Chapter

The ISC2 Central Gulf Coast Chapter, a 501(c)(3) non-profit based out of the Greater New Orleans area. It was chartered by ISC2 in January 2021 to serve the Central Gulf Coast region - Louisiana and Mississippi.

isc2-cgcchapter.org  

Volunteer

Call for Volunteers

ISC2’s Center for Cyber Safety and Education sponsors the Safe and Secure Online program as part of the organization’s Reach and Inspire effort to spread cyber awareness and techniques to at risk audiences. Volunteers sign up to present a 45-60 minute presentation on to local high-risk groups (school children, parents, senior citizens, etc.). The first two presentations earn the speaker 10 CPEs each. Interested individuals can sign up at iamcybersafe.org or email events@isc2-cgcchapter.org

Volunteer Safe and Secure Online  

No spam, ever. We'll never share your email address and you can opt out at any time.