- This event has passed.
NJ ISSA Chapter Meeting on 03/25/2020 – CANCELLED
March 25, 2020 @ 4:00 pm - 7:00 pm
We have come to the decision that due to the spread of COVID-19 the March 25th chapter meeting has been cancelled. Our next scheduled meeting is for June 24th.
New Jersey Chapter ISSA Meeting
Date: Wednesday, March 25th, 4:00pm – 7:00pm
Venue: Deloitte, 100 Kimball Drive, Parsippany NJ
3:30 – 4:00 Check In/Registration
4:00 – 4:15 NJ ISSA Chapter Updates
4:15 – 5:15 Presentation: Automate or Die – DevSecOps in the Age of Software Supply Chain Attacks
Irina Tishelman, Solution Architect, Sonatype
As nimble organizations deliver new innovations, adversaries are also upping their game; something we’ve seen in recent high profile and devastating cyber attacks. Bad actors have the intent and ability to exploit security vulnerabilities in the software supply chain – and in some cases plant vulnerabilities themselves. They have increased scale through automation and improved breach success through precision targeting. If we don’t fight back by doing the same – automating security directly in the DevOps pipeline – then we’ll always be at the hackers’ mercy. This session will provide new research on the above, and details on how to get started.
• Real-world examples of how large and small companies are implementing DevSecOps practices in their own delivery pipelines, and increasing developer awareness to risks
• Key insights from the 2019 DevSecOps community report – including the top investments for automated security
• A walkthrough of how security principles have been automated into a CICD pipeline and what standards for implementation are beginning to follow suite
• Why DevSecOps is more than a buzzword, and why it’s vital to protecting your software supply chain
• How automating security of policies makes it harder to ignore.
5:00 – 5:15 Break
5:15 – 6:00 Group Discussion: Information Security Headlines
Information security incidents and media headlines are omnipresent. We will be reviewing a few interesting recent security headlines and discuss as a group – sharing collective insights, and approaches that organizations can take to respond to similar challenges we face around Cybersecurity today.
6:00 – 7:00 Cocktail Reception