ISACA-CMC May 2022 Virtual Training

When:  May 18, 2022 from 13:00 to 16:00 (ET)

The ISACA Central Maryland Chapter invites you to our monthly training event on Wednesday, May 18, 2022. ISACA Members, cyberaudit, assurance, Cybersecurity Nexus (CSX), risk management, governance, and internal control professionals and practitioners new to the field and those with years of experience will benefit from this event. The training event offers an opportunity to expand your network and build on your knowledge and skills. After registration, you will receive the Zoom registration email.  See Zoom Instructions below for further information. 


  • This training earns up to 3 CPEs if attended for the duration.
  • The presentation slides will be sent a day or two before this meeting to the email address you use to register.

Title: Identifying toxic combinations of permissions in your cloud infrastructure

Speaker: Mike Raggo

Topics:

  • With more than 24,000 permissions across AWS, Azure, and GCP, how does one determine who gets what permissions? Half of the 10,000 permissions in AWS are admin-like permissions. This is even more complicated when new permissions and services are being added almost daily.
  • Mapping these out and understanding their implications is a difficult task, yet attackers understand them well enough to leverage toxic combinations of these permissions for privilege escalation and exploiting your cloud infrastructure.
  • In this presentation, we'll share our experiences in doing more than 150 risk assessments across AWS, Azure, and GCP. We'll review admin permissions that we commonly find accidentally assigned to developers and users. We'll reveal some extremely powerful permissions that can be mapped to a Cyber Kill Chain specific to cloud infrastructure. This will uncover toxic combinations of permissions that can lead to lateral movement, privilege escalation, exfiltration, and more.
  • We'll provide real-world examples of findings from audit logs, activity monitoring, and ML-based anomaly analysis. We'll then outline a strategy for actively tracking this within your environment going forward, and show how to mitigate this over-permissioned access to build a permissions management lifecycle.

    We promise you a high knowledge value session. 

    12:30 – 1:00 Registrants and speakers enter the Zoom meeting for networking time
    1:00 – 4:00 Training with 10-minute breaks at the bottom of each hour
    4:00 – 4:30 Zoom will remain open for additional networking in the chat window

    Earn 3 CPEs toward your CISM, CISA, or other certification (CPE credits are based on 50-minute increments)

    Members $30.00
    Non-Members $45.00
    Retirees $15.00
    Full-time Students $15.00
    (*Members Price is for all ISACA, IIA, ISSA, AGA, and CFE members)

    Payment options:
    • Pay by credit card

    Training Session 1:00 PM to 4:00 PM*
    * A break will be offered in between training sessions

    Zoom Registration Required:  Once you have registered for this event in Cvent, you will receive a Cvent Confirmation email from Pat Hamilton.  The subject line will be "Confirmation and Zoom Registration Link".   Pat's email will include a confirmation of your Cvent registration, your payment, and the Zoom Registration Link with detailed instructions for Zoom pre-registration and day-of registration.  The training slides will be sent via a separate email just prior to the Training.  If you have difficulty on the day of the event you should first check your email boxes for the subject line mentioned previously.  If you do not have the Zoom link or are having difficulty registering within Zoom, please contact Pat Hamilton at

    Cancellation Notice: Please refer to the “Fees” page for our refund policy for this event. Full refunds will be given if registration is canceled prior to noon on Friday (May 13, 2022) before the meeting is held. Use either the link in your confirmation email or select “Already Registered” at the bottom of the meeting summary event page to access your registration (i.e., the email address used to register for the event and your confirmation number will be needed to access/modify/cancel your registration). If you need to cancel after that date, please contact Pat Hamilton via email at as refunds will not be given, although attendance is transferable. Reservations made after this time will be accepted on a first-come, first-served basis, but cannot be guaranteed due to space limitations and may include a late fee. ISACA Central Maryland Chapter reserves the right to cancel this event if there is not sufficient participation.  Participants will be notified in the event that the monthly meeting has been canceled and paid registrations will be refunded.


ISACA-CMC Membership