Saturday, July 8, 2017

Call for Speakers for the New York Metro Joint Cyber Security Conferance

As the co-chair of this event I am letting you all know you have the opportunity to propose a topic to present at this event.

You are invited to the Capital of the World, New York City for the 4rd Annual Joint Cyber Security Conference on October 5th 2017.  The event will be feature internationally recognized  presentations delivered by security researchers, industry leaders and officials in Time Square!
Showcase your security expertise and share your knowledge - October 5th, 2017 in New York City for the 4th Annual Joint Cyber Security Conference.  This is an excellent opportunity to take advantage of unparalleled networking opportunities with other information security professionals, industry experts, and thought leaders from around the world, and get the exposure and recognition you deserve.

Please submit your proposal by 11:59 pm on August 7th, 2017 EDT.

Looking for proposals from security practitioners who want to have real conversations about security: security analysts, engineers, and administrators, developers, testers, results-focused QA researchers of all kinds, chief security officers, leaders in risk and audit, and security data scientists. If you’re on the front lines of defense with stories of great success and worthy failure, especially if they provide clear ideas for what to do next, let us hear from you. And while people need a sense of what’s possible, bring concrete technical solutions above all else.

Note: Names and company affiliations will not be considered by the program committee during the first round of review.

Eligible Topics

We would like to cover all Security-related disciplines, including:

·        Analysis
·        Education
·        Engineering
·        Forensic
·        Governance
·        Network
·        Operational
·        Physical
·        Policy
·        Social
·        Technical

Submission Process & Requirements

·        The original author(s) of a presentation must submit for the Call for Presentation. Third parties such as PR firms or speaker representatives may not submit materials on behalf of a potential speaker or speaking team.

·        New York Metro Joint Cyber Security Conference (NYMJCSC) does not accept product or vendor-related pitches. .

·        Each submission must be completed in its entirety the first time.

·        New York Metro Joint Cyber Security Conference (NYMJCSC) selection process is very competitive. Members of the NYMJCSC Review Board score each submission as a group.  Submissions should clearly detail the concepts, ideas, findings, and solutions a researcher or speaking team plans to present.

·        Submissions that highlight new research, tools, vulnerabilities, etc. are highly recommended and will be given priority.

·        Submissions that include Handouts and Live Demos will also be given priority.

·        Speakers may submit more than one proposal but each proposal must be submitted via a separate submission form.

·        Each submission must include detailed bibliographies acknowledging prior work in the space, distinguishing or highlighting how your presentation is different.

·        Individuals submitting a proposal will receive a “Your submission for New York Metro Joint Cyber Security Conference 2017 has been received”. After selections have been completed, all submitters will receive an email confirmation of acceptance or rejection.

·        Speakers will be contacted directly if Review Board members have any questions about a submission.

Review Board & Content Selection

The speaker selection committee is comprised of association volunteers in various areas of the information security community. The Review Board advises the conference on its strategic direction, reviewing, and programming conference content and providing unparalleled insight into the attendees.

Each presentation will be reviewed using a basic point system, each reviewer will be responsible for scoring the talk submission and picking the best candidates for limited spots.

·        1-3 Points – Creative and catchy title

·        1-3 Points – Clear and detailed learning abstract/objectives/sources. This will be used by the speaker selection committee and viewed by the attendee as to why to attend this talk, the more complete the better.

·        1-3 Points – NYMJCSC Association Topic (Core body of work/project from a member association)

* Speakers will be picked on these criteria regardless of sponsorship if applicable

Required Information

You’ll be asked to include the following information for your proposal. Proposed title

·        Description of the presentation

·        Suggested main topic

·        Audience information:

o   Who is the presentation is for?

o   What will they be able to take away?

o   What prerequisite knowledge do they need?

·        For tutorial proposals: hardware installation, materials, and/or downloads attendees will need in advance

·        Speaker(s): biography and hi-res headshot (minimum 1400 pixels wide; required)

Tips for Submitting a Successful Proposal

Help us understand why your presentation is the right one for this conference. Please keep in mind that this event is by and for professionals. All presentations and supporting materials must be respectful, inclusive, and adhere to our Code of Conduct.

·        Give your proposal a simple and straightforward title.

·        Include as much detail about the presentation as possible.

·        Keep proposals free of marketing and sales, including buzzword-heavy jargon and FUD

·        Keep the audience in mind: they’re professional, and already pretty smart.

·        Explain why people will want to attend and what they’ll take away from it.

·        Pick the right topic for your talk to be sure it gets in front of the right program committee members.

·        Be authentic. Your peers need original ideas in real-world scenarios, relevant examples, and knowledge transfer.
To submit your Proposal go here

Sunday, May 21, 2017

Security Impact of Social Engineering - SECON 2017

Thursday, May 25, 2017 - 8:30 AM–5:30 PM
New Jersey City University
2039 John F. Kennedy Boulevard, Jersey City, NJ 07305

Attend a one day event sponsored by the NJ Chapter of (ISC)2, friends, and sponsoring NY/NJ/CT Metro area associations. Leaders in the industry are excited to present leading edge insights, discussion and exchange of innovative, future focused ideas and solutions to address technical and business related social engineering. Highlights include: Learning about CEO Fraud/Whaling (non-technical Social Engineering), Ransomware, Interactive Social Engineering sessions, Social Engineering Video Contest, Social Engineering Toolkits, IoT, Fraud, legal and compliance, SE perpetrated against individuals, higher education CISO panel and a CISO panel discussing impacts of SE on corporations.

For details on the Program Agenda, Speakers, and to Register for the event, please click the link here

Saturday, May 6, 2017

2016 New York Metro Joint Cyber Security Conference Update

As some of you know I help run a day Security conference in NYC. The event is made up of Security groups in the New York Metro area

The New York Metro Joint Cyber Security Conference is a collaborative event cooperatively developed, organized and sponsored by the leading information security industry organizations and chapters.
  • InfraGard (New York Metro)
  • ISACA (New York Metro, New Jersey and Greater Hartford Connecticut)
  • (ISC)2 (New Jersey)
  • ISSA (New York)
  • OWASP (New York Metro, Long Island, Brooklyn)

Driven by the collaboration between members of this coalition, the strength of organizational membership, the provision of desirable CPE credits and the concurrence of National Cyber Security Awareness Month, the NYMJCSC promises -- once again -- to be a well-attended by members of the information technology, information security, audit, academic, and business communities.

As part of our educational mission as a coalition of non-profit organizations, registration fees are only to cover the costs of the facility, food and refreshments.

Here are the Videos from last year talks
We are ramping up again for Oct 5,  2017 and a call for speaker will be going out shortly

The Dark Web - DarkNet —A Threat to Your Business? 

I did a webcast for ISACA on The Dark Web, DarkNet —A Threat to Your Business?  
The original talk was on  Thursday, 20 April 2017, the talk was 1 hour and is good for 1 CPE

The DarkNet is the World Wide Web content that exists on DarkNet, overlay networks which use the public Internet but require specific anonymizing software, configurations or authorization to access. It’s a secretive place where dissidents can hide their digital tracks, a place where whistleblowers can reach out safely to scoop-seeking media outlets and where you can buy PII and sensitive information. Having an integrated understanding of the DarkNet is important.
During this webinar, you will learn:
  • How the DarkNet works
  • What is Tor and how to set it up
  • How to reduce risks, search and explore the DarkNet
You can see the recording at

There also is blog article that gives addition information. you can see the blog at

Thursday, November 17, 2016

Free training from Microsoft

Azure for IT Pros Content Series
IT Pros, if you’re ready to dive into Azure—from fundamentals to deployment, security, and management, along with scale and agility, this series of courses is for you!  Get an authoritative and comprehensive look at Azure and its components.  And come back for more, as this series will eventually include as many as 12 courses, with topics ranging from Azure Storage, Azure Data Services, Azure Web Apps and Mobile Apps, and much more—basically, all you need to know about Azure.

DevOps with Visual Studio Team Services and Team Foundation Server
If your team is designing, building, and managing enterprise solutions and cross-platform mobile business apps, you may have already established some DevOps guidelines. Watch this course for detailed DevOps training! See how practicing DevOps can help teams respond faster to competitive pressures by replacing error-prone manual processes with automation for improved traceability and repeatable workflows. This course explores the Microsoft DevOps solution built upon the Visual Studio Team Services (VSTS) and Team Foundation Server (TFS) platform.

Free books from Microsoft

Here are some free eBooks that are on the Microsoft site that you can download.


Published: October 2016|90 pages
Data Science with Microsoft SQL Server 2016
Buck Woody, Danielle Dean, Debraj GuhaThakurta, Gagan Bansal, Matt Conners, Wee-Hyong Tok
Download here The world around us—every business and nearly every industry—is being transformed by technology. SQL Server 2016 was built for this new world and to help businesses get ...ahead of today’s disruptions. With this free eBook, learn to install, configure, and use Microsoft’s SQL Server R Services in data science projects. R is one of the most popular, powerful data analytics languages and environments in use by data scientists

Published: September 2016|435 pages
Introducing Windows Server 2016 John McCabe
Download here Windows Server has powered a generation of organizations, from small businesses to large enterprises. No matter what your area of expertise, this book will introduce you... to the latest developments in Windows Server 2016. Each chapter has been written by either field experts or members of the product group, giving you the latest information on every improvement or new feature that is included in this version of Windows Server

Published: September 2016|246 pages
Microsoft Azure Essentials: Fundamentals of Azure, Second Edition
Michael S. Collier and Robin E. Shahan
Download here The “Microsoft Azure Essentials” series helps you advance your technical skills with Microsoft Azure. This book covers the fundamentals of Azure you need to start developing solutions right away. It concentrates on the features of the Azure platform that you are most likely to need to know rather than on every feature and service available on the platform. This book also provides several walkthroughs you can follow to learn how to create VMs and virtual networks, websites and storage accounts, and so on. In many cases, real-world tips are included to help you get the most out of your Azure experience. In addition to its coverage of core Azure services, the book discusses common tools useful in creating and managing Azure-based solutions

Published: July 2016|189 pages
Introducing Microsoft Power BI
Alberto Ferrari and Marco Russo
Download here Get started quickly with Microsoft Power BI! Experts Alberto Ferrari and Marco Russo will help you bring your data to life, transforming your company’s data into rich visuals for you to collect and organize, allowing you to focus on what matters most to you. Stay in the know, spot trends as they happen, and push your business to new limits. This eBook introduces Microsoft Power BI basics through a practical, scenario-based guided tour of the tool, showing you how to build analytical solutions using Power BI. Get an overview of Power BI, or dig deeper and follow along on your PC using the book's examples

Published: July 2016|125 pages
Windows 10 IT Pro Essentials Support Secrets
Ed Bott
Download here Dive in to Windows 10 with award-winning journalist and Windows Expert Ed Bott in this highly curated free eBook of essential Windows 10 support secrets. Whether you’re a classroom full of office workers or working one on one with a harried small business owner, your first challenge in introducing Windows 10 is helping each user get comfortable with new ways of doing familiar tasks. The amount of change can be overwhelming, especially for nontechnical users who’ve grown accustomed to Windows 7 after years of everyday use. This book is for anyone who trains people to use Windows 10, including IT pros and those brave souls who staff the help desk in corporations. Most of all, it includes the incredibly large population of people who have earned a reputation for being “the person who knows Windows.

Published: July 2016|192 pages
Configuring Microsoft SharePoint Hybrid Capabilities
Jeremy Taylor, Neil Hodgkinson, and Manas Biswas
Download here Microsoft SharePoint hybrid consists of a growing list of advanced hybrid solutions that empowers organizations to consume benefits of the cloud and maintain their on-premises investments. This book is the second in a series of SharePoint hybrid books in which we show you how to configure, troubleshoot, and manage a SharePoint hybrid environment. As you move toward configuring a SharePoint hybrid environment, you will soon realize the need for a go-to manual to ensure a successful implementation. This book does exactly that! It contains step-by-step instructions to help you with configuring and managing SharePoint hybrid. Although, it is aimed primarily for a technical audience, it also addresses business benefits that you might need to present to your management. This book covers configuring these SharePoint hybrid capabilities in detail, along with scenario-based troubleshooting and recommended practices

Published: June 2016|214 pages
Introducing Microsoft SQL Server 2016: Mission-Critical Applications, Deeper Insights, Hyper scale Cloud
Stacia Varga, Denny Cherry, and Joseph D’Antoni
Download here With Microsoft SQL Server 2016, a variety of new features and enhancements to the data platform deliver breakthrough performance, advanced security, and richer, integrated reporting and analytics capabilities. In this eBook, we introduce new security features: Always Encrypted, Row-Level Security, and dynamic data masking; discuss enhancements that enable you to better manage performance and storage: TemDB configuration, query store, and Stretch Database; review several improvements to Reporting Services; and, describe Always on Availability Groups, tabular enhancements, and R Integration

Published: June 2016|67 pages
Microsoft Platform and Tools for Mobile App Development
Cesar de la Torre and Simon Calvert
Download here Understanding and creating a mobile app development strategy is an important process for today’s development decision-makers opening new business opportunities or empowering employees to be more productive with new capabilities. Microsoft defines an end-to-end platform for the agile creation of mobile apps that can target any platform (iOS, Android, or Windows), provides easy consumption of services in the cloud or on-premises, spans the requirements for consumer or employee scenarios, offers development teams DevOps tools to improve quality and to achieve faster time to market, and allows for integration with existing enterprise systems. This eBook outlines that end-to-end platform for organizations selecting technologies and tools for a mobile application development platform and for rapid mobile application development. It also describes the core decision factors that organizations should consider, and it outlines the technical capabilities available within Microsoft solutions and products