- New Mexico Chapter Annual General Meeting
- One hour CPE and Chapter Elections
- Friday, August 21, 2020, 11:30 AM-1:00 PM
- $25 Grub Hub certificate to all members who attend
- Cost: Free for members and guests
- 10-minute Sponsor Talk - Abba Technologies
- CPE Presentration: Social Engineering
- Speaker: Joe Gray
Join New Mexico ISACA for our Annual General Meeting. Chapter members in attendance will cast their ballots for the 2020-2021 Chapter Board. Since this is an online meeting, a $25 Grub Hub certificate will be presented to all current New Mexico Chapter members in attendance. Yes, you are reading this right. You will actually get paid to earn an hour of CPE. That is our way of showing appreciation to our ISACA New Mexico Chapter members.
Guests are welcome. All attendees are eligible for CPE Credit, provided polling questions are completed.
Thanks to our sponsor, Abba Technologies, this meeting is free! Founded in 1993, Abba Technologies has provided over 26 years of reliable and secure IT solutions and services to companies and government agencies throughout the US. Our goal is to be our customers’ trusted IT advisor. We provide a comprehensive approach to IT by evaluating and implementing solutions from our core areas, and complimenting these solutions with professional and managed services.
Presentation abstract:
Reporting is generally boring. As social engineers, we often get wrapped up in the hustle and bustle of performing the engagement and report writing falls to the side. While the reports do go out and we meet client obligations, a serious question arises: Are we providing meaningful measurements, metrics, and advice to the client?
We surely highlight the deficiencies and where to improve in a report, which is pretty standard. How do we measure the things that matter most to the client? Measuring opens just tells us how many people read their email and, while risky, clicks do not always translate to negative outcomes. Instead of focusing on email opens or links clicked by users, this presentation is introducing:
- Measurements rooted in statistics
- Data science techniques
- Indicators that actually speak to the security posture and culture of the organization.
The distance of a metric is the time between an event (a click or open) and another event (inputting information or reporting the event). These metrics are far more indicative of how an organization would fare against social engineering than who opens an email.
About our speaker:
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior OSINT Specialist at Qomplx, Inc. and previously maintained his own blog and podcast called Advanced Persistent Security. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. As a member of the Password Inspection Agency, Joe has placed 2nd in the HackFest Quebec Missing Persons CTF powered by TraceLabs, 2nd in the BSides Atlanta OSINT CTF, and 3rd Place in the 2018 & 2019 NOLACon OSINT CTFs. Joe has independently placed 2nd in the HackFest Quebec SECTF, 4th Place in the DerbyCon OSINT CTF, and 2nd Place in Hacker Jeopardy at Hack in Paris. Joe has contributed material for the likes of TripWire, AlienVault, ITSP Magazine, CSO Online, Forbes, and Dark Reading as well as his own platforms.
Total attendees: 37
Board members present: 10
Members present: 18
Non-members present: 19
Speakers: 1
Sponsors present: 2
past_event