In this issue


December 2016  

Central Florida Chapter News

-          A message from our President, Angela McLean:


Dear Fellow (ISC)2 Orlando Chapter Members:


We have three Officer positions opening for 2017. This is a very exciting time, and we need you to become involved to make the nomination process successful.   You may nominate any qualified candidate to serve as an Officer. To find the list of current (ISC)2 chapter members, click here.


I encourage you to self-nominate, nominate a friend or any individual who you would like to see hold an Officer position and/or serve in a chapter leadership role for the any of three open Officer positions. Those positions are: President, Membership Chair and Treasurer.  


Please contact your nominee in advance of submitting the nomination to determine their willingness to serve. Also, send a current resume of the nominee when replying back.


At the January 2017 chapter meeting, the Chairman and Executive Officers will determine a slate of three officers to serve on the (ISC)2 Orlando Chapter Executive Committee.

Remember, the deadline to submit nominations for the Officer positions is due on or before January 5, 2017.   Nominations should be sent to


The evaluation criteria used by the committee to select Officers:

Membership is current and in good standing


Thank you in advance for taking an active role in this year’s nomination process. Let me know if you have any questions. We look forward to hearing from you—and we hope you will use this opportunity to make your voice heard.

Back to top

(ISC)² Central Florida Chapter Newsletter

Chapter news:

-       Dues Changes Coming: We want to make membership accessible to as many qualified people as possible, and to avoid dues being a barrier to membership.  That said, to remain a financially viable organization, we have to raise the dues.   The executive team is proposing an increase from the current $25, to $35.  We are eager for member feedback and funding ideas, so if you have any thoughts, please send them to us.  We’ll publish whatever we receive in the subsequent newsletter for everyone to consider.  NB: We have received no feedback from any of these announcements, and thus expect no complaints when they’re enacted.

-       We’re always looking for interesting presentations.  If you have something to share, or know of someone who does, please let us know.  Don’t be shy – we’re a friendly bunch!

-       Similarly, if you can offer, or know of a venue which could host our meetings – especially in areas of town we haven’t typically had meetings, please let us know. 



-       Save the date: NEXT MEETING: Thursday, January 12th



Upcoming Events:

Data Connectors

2017 Orlando IT Security Conference
January 19, 2017 8 am to 5 pm

Venue: TBD


Other news from around the world of InfoSec:

-       Let’s dive right into the IoT angle! MIT Technology Review warns, in this November 30th piece: “The army of Internet-connected devices being corralled and controlled to take down online services is active, growing—and up for grabs.”

-       Do not fear, however!  Watson is here!’s Brian Barrett attempts to set our minds at ease with “IBM’s Watson Now Fights Cybercrime in the Real World.”

-       Looks like Germany could have used Watson’s help!  Read up on “Security News This Week: A Botnet Takes Down Nearly a Million German Routers

-       Excellent thoughts from General Gregory Touhill, U.S. CISO in his blog post “My Priorities as the First U.S. Chief Information Security Officer”. Five “lines of effort:

o   Harden the workforce

o   Treat Information as an Asset

o   Do the Right Things the Right Way

o   Continuously Innovate and Invest Wisely

o   Make informed Cyber Risk Decisions at the Right Level

-       Out of comes the unsettling news “’Fatal’ security bugs discovered in defibrillators and medical implants.”  Quoting from the article, “In one example, an attacker would be able to collect sensitive data readings about the patient and change the commands for a device like pacemakers to disable certain functions or deliver an unneeded shock to the person, which could be fatal.”


-       And, when you’re sitting in a cold, damp, concrete-floor/wall/ceilinged jail cell due to your overexuberance  in “helping” the U.S military after not fully reading the previous link, you can pass the time with these “Five essential cybersecurity audiobooks.”

-       AVTest’s “Current Risk Scenario: AV-TEST Security Reports Fact at a Glance” is so good, I can’t decide what to quote, so I won’t bother.  I suggest you read the whole thing and then download the full report for free.

-       Warning! Hacking company confirms it can break into any iPhone or phone” “No reason to worry about this”, so the company says.  You call on whether to believe that or not, and, yes, the use of the word “call” related to a story about phones was a pun.

-       Oh, joy! TechCrunch relates: “Security researchers at Israel’s Ben Gurion University have created a proof-of-concept exploit that lets them turn headphones into microphones to secretly record conversations. The PoC, called “Speake(a)r,” first turned headphones connected to a PC into microphones and then tested the quality of sound recorded by a microphone vs. headphones on a target PC. In short, the headphones were nearly as good as an unpowered microphone at picking up audio in a room.”

-       OK, so not InfoSec, but interesting enough to include, but, being InfoSec my Professional Paranoia© kicked in, so of course I’m considering the security angle.  At any rate, TechCrunch, in “Google’s AI translation tool seems to have invented its own secret internal language”: “All right, don’t panic, but computers have created their own secret language and are probably talking about us right now. Well, that’s kind of an oversimplification, and the last part is just plain untrue. But there is a fascinating and existentially challenging development that Google’s AI researchers recently happened across.  Think they’re talking about InfoSec?

-       “Subject is about to leave!  That’s troubling!  Don’t go!  Don’t go!”  For insight into the depths that we can be monitored by any website, visit ClickClickClick.Click.

-       So, Dyn, victim of that recent DDoS attack, is getting gobbled up by Cisco, which had previously purchased OpenDNS.  I sense a pattern.

-       Not to be outdone, Symantec is buying LifeLock.  Gotta love those subscription models!

-       Finally, on a self-improvement note, I found this page, “Cybersecurity Capability Maturity Model (C2M2)” to be very interesting, and in addition, it included links to quite a bit of other great information.  Read up!


That’s is for now.  Remember to self nominate for one of those resume-enhancing and fun executive positions, because we only have one nomination for President, and one for Membership Chair, and what fun is an election without choices, right?

Next newsletter in two weeks!


Steve Sacco, CISSP

Membership Chair



Back to top