Cyberspace Operations in Military and Private Sector / API Security Governance and Risk Management
(ISC)² Long Island Presents, “Cyberspace Operations in Military and Private Sector / API Security Governance and Risk Management”
Please join us for our October meeting featuring a in depth discussion on Cyberspace Operations and API Security Governance and Risk Management. We are continuing the return to in-person meetings. This will be a hybrid event and will include Teams access for remote attendees and presenters.
Additional details and registration information can be found at the “Register Now” link below. Members can invite one guest at no charge and get their promo codes by logging into the chapter website and going to their “My Page”. Sponsor promo codes have been previously distributed. Non-members can register for a nominal fee.
Agenda
5:15 – 6:00 In-Person Registration and Networking
5:50 – 6:00 Remote attendees join via Teams
6:00 – 6:15 Welcome and chapter updates
6:15 – 7:05 Cyberspace Operations in the Military and Private Sector
7:05 – 8:00 API Governance and Risk Management
8:05 Session Wrap-up
Session 1 – Cyberspace Operations in the Military and Private Sector
Speaker(s):
Scott Croskey (Major, US Air Force / VP, Cyber Detection & Response Leader)
Cyberspace is the next warfighting domain, with threats coming from every corner of the globe. In order to secure our way of life, both governmental and private organizations must work in conjunction. Our speaker, Scott, has experience defending government and private sector organizations from cyber-attacks. Through his military affiliation, he has experience with strategies employed by the United States both offensively and defensively against Nation-States, Non-Nation States, Violent Extremist Organizations, and other threat actors.
About the Speaker(s):
Scott works full time at Synchrony Financial as the Cyber Detection and Response Leader. He also works part-time as an Air Force Cyber Warfare officer (Major) assigned to US Cyber Command at Fort Meade, Maryland where he works as a Cyber Battle Captain. In this capacity, Scott is in command running a 12-hour shift where he directs the Command and Control of full spectrum cyber operations and global threat mitigation across the Department of Defense. Scott graduated with a Master of Science in Computer Information Systems & Security from Boston University and a Bachelor of Science in Electrical Engineering from Ohio University. Throughout Scott’s career he has held several IT Security Certifications including the Certified Information System Security Professional (CISSP), Certified Ethical Hacker (C|EH), and CompTIA’s Security Plus.
Session 2 – API Governance and Risk Management
Speaker(s):
Dr. Baljeet Malhotra, CEO & Founder TeejLab
APIs are software glue that connect our digital world driven by AI/ML, IoT and other applications. APIs impact organizations both positively (through innovations, new business models, competitive differentiation, etc.) and negatively (due to security, business disruptions, legal and compliance issues etc.). These impacts are compounding with evolving APIs within enterprises and globally. Gartner has already predicted 90% of attacks on web applications come from exposed APIs resulting in data breaches. Given the importance of APIs for enterprises, it is imperative for Security, Compliance and Audit professionals to get a handle on APIs before things get out of control. This workshop will provide an overview of an API Governance framework to manage API security and legal risks. This framework is inspired by the Zero Trust model that enterprises can adopt for effective API Risk Management. We’ll highlight best practices, both manual and automated, with relevant tool recommendations. Participants will have an opportunity to exercise use case(s) using these tools.
About the Speaker(s):
Dr. Baljeet Malhotra is an award-winning researcher known for his work in Open Source and API Risk Management. He conceived the world’s first “API Composition Analysis” based on source code static analysis. He founded TeejLab in 2017 and steered the team to build API Discovery and Security™, world’s first comprehensive end-to-end API Risk Management platform.
Prior to TeejLab, he established the R&D unit of Black Duck Software in 2016 (acquired by Synopsys). He also served as Research Director at SAP. He received a PhD in Computing Science from the University of Alberta and won several awards including NSERC (Canada) scholar and Global Young Scientist (Singapore). He concurrently holds Adjunct Professor positions at the University of British Columbia, University of Victoria and University of Northern BC.