Category Archives: Events

Happy Hour: RSA 2016 Happy Hour @ Restaurant Volta

Date: March xx, 2016
Happy Hour @ Volta SF
Whether you’re planning to attend this year’s conference or not, join us for a Happy Hour of networking and discussions, Thursday March 3rd. We’ll be gathering for drinks and appetizers at San Francisco’s newest and highly rated restaurant Volta. Volta is located in very close proximity to the Moscone Center, where the RSA Conference is held. The chapter sponsors appetizers and a drink, hope to see you soon!

Read More…

Holiday Party 2016: (ISC)2 San Francisco Chapter Holiday Party @ Hawthorne

(ISC)2 San Francisco Chapter 2015 Holiday Party

Join us December 9th at Hawthorn Cocktail Lounge for our (ISC)2 San Francisco Chapter Holiday Party!  We’re having a traditional Spanish Paella party, with a large bubbling pan cooked in front of us while we sip cocktails and nibble on tapas.


We invite our members and their guests for networking, holiday mingling, and social camaraderie! We have again invited the local Bay Area Chapter of the High Technology Crime Investigations Association (HTCIA) to join us.  We’re looking forward to catching up on their chapter activities. Please visit HTCIA’s website for more information about them.

Hawthorn Cocktail lounge is a swanky, newly remodeled venue blocks away from Union Square and near Montgomery Street BART station. Your registration will help supplement chapter funds so we can have plenty of food and drink available for everyone. Please be sure to register so that we can expect you.


Registration will provide the following:
  • Catered paella & tapas dinner
  • Two drinks
  • Evening of networking and fun with fellow members and professionals

Looking forward to seeing you there!

Security Salon: Dinner at Oakland’s Grocery Café

Date: August 27, 2015

For our next event, we are offering the unique opportunity to share a dinner and casual conversation with an in-the-trenches large company leader of security compliance. 

Why Do Enterprise IT Security Projects Fail?
(And What You Can Do About It)

Hear Doug Meier, Director, GRC at Pandora present this topic, and then capitalize on the opportunity to pick his brain when his mouth is full on his day-to-day challenges and his outlook on the future of security.  

Dinner will be an elaborate prix fixe of unusual Burmese dishes with such proteins as quail, duck, and lamb paired with carefully chosen wines and beverages.  The owner of this restaurant grows championship chilies behind the restaurant; so for you hot-heads, you can singe your palates with exquisite hot condiments.  We will have a nice dessert to finish.  You will leave stuffed – belly and cranium.  We will need to limit the number of attendees, so register ASAP.  All inclusive: $45 for Chapter members and $50 for guests.


Doug Meier, Director, GRC at Pandora

Doug has 20+ years of experience designing, staffing, and managing Enterprise Architecture, Enterprise Security, Information Security, IT GRC, and related programs for Silicon Valley Internet companies. He likes the daily challenge of directing teams of talented people on critical business initiatives. He likes the excitement of bringing talented people together to solve business problems. And he enjoys working independently on program planning, security research and investigation, and vendor technology assessment and evaluation.  Doug defines teamwork as taking ownership of problems and solutions, taking responsibility for communicating, and following through until the job is done. That’s the main reason he has been successful in a range of corporate cultures in Silicon Valley, from start-up to global enterprise.

June 25th Meeting: Opportunities in Cybersecurity

Date: June 25, 2015

Opportunities in Cybersecurity

Join us June 25th at Wetherby Asset Management to discuss entrepreneurial and job opportunities in cybersecurity.  We have a packed evening with two technical presentations and a sponsor presentation and the chance to network over food and wine.  Come and help kick off year three of the Chapter!

Presentation #1:  Opportunities in Forming a Cybersecurity Startup

Is your startup waiting to be born?  This presentation will be multi-part with first a discussion by Mahendra Ramsinghani about (a) How to assess market opportunity, (b) identify if you have the ability to risk it, and (c) tactics to raise capital. Following this will be Matthew Tamayo-Rios presenting the Kryptnostic startup story with a detailed technical overview of homomorphic encryption and encrypted search.  Finally a ‘fireside chat / Q&A” will be moderated by Mahendra.


Mahendra Ramsinghani                    Matthew Tamayo-Rios 

Mahendra Ramsinghani brings his two decades of business expertise to foster innovation with infosec / cybersecurity startups.  He works with founders to develop their value proposition, engage with CISOs of Fortune 500 companies and attract capital from the best-in-class security investors.

As Managing Director of First Step Fund, he has led investments in over fifty startups. Mahendra is the author of two leading books on venture capital and startups – “The Business of Venture Capital” (Wiley Finance, 2014) and “Startup Boards” (Wiley, 2014) co-authored with noted VC Brad Feld. His articles have been published in Forbes, MIT Technology Review and Huffington Post. 

As a frequent speaker on Venture Capital & Technology, Mahendra has presented at IBF Venture Conference (San Francisco), Swissnex – Future of Cyber security (San Francisco), Traction (Vancouver, BC), Thompson Reuters VCJ Alpha Conference (Boston & San Francisco) and National Public Radio 91.7 UOFM.

His educational background includes a B. Engg. (Electronics) and MBA (Finance & Marketing) from University of Pune, India. 

Matthew Tamayo-Rios is Founder and CEO of Kryptnostic. Kryptnostic has solved the challenge of search inside encrypted objects. Its team of determined optimists has formerly worked at Palantir, Microsoft and is firmly united by the belief that enterprises can safely leverage their data in the cloud. Leading investors such as Index Ventures, Felicis Ventures, Harrison Metal and RRE Ventures back the company. 

Previously, Matthew has worked at Microsoft on the OS Security team and at Palantir, Raytheon and AOL. He got started in computer security at the early age of nine, hacking his mother’s point of sale retail system to adjust the ice cream inventory. Matthew earned his BS in Math, Computer Science at RPI and MS at University of Washington.


Sponsor Presentation: Humming Heads’ API-Whitelist Solution

We are welcoming our Chapter’s platinum sponsor Humming Heads to provide background on adopting an API-Whitelist solution, and to introduce and demo the application of this solution in their technology.  Representatives from the Humming Heads’ Tokyo team will be flying in to participate led by Kato Mikiya (President Humming Heads USA). 

SHINOBI Defense Platform marks an abrupt departure from the standard PC security model. Instead of a black list identifying prohibited software, viruses, malware and similar threats — also known as a signature file, SHINOBI employs its patented API monitoring technology to provide the only effective whitelisting cyber defense system available. Humming Heads is authorized by ISO/IEC 15408 LEVEL-EAL3 for its basic technology, and SHINOBI is in the process of receiving the same authorization.  SHINOBI monitors all API activity and will only allow programs whose APIs it has identified as safe to access a computer or system. 

Additional information is available at: 



Presentation #2:  Opportunities in Securing Mobile Applications

Mobile apps are changing business models and will decide the success of your products. It is proven that most commercial (CRM, Accounting software, etc) and personal (Home Theater, TV) products with mobile capabilities do better long term in the market than their competitors with traditional web interfaces. Yet most IOS and android apps are impacted by medium to severe security vulnerabilities that put application data, as well as data stored on the device, at risk.  

This interactive presentation will discuss common mobile application security vulnerabilities and remediation strategies that entrepreneurs and organizations should adopt to develop and put out secure mobile apps. We will play around with real mobile apps from Apple and Google Play stores, use open source tools to identify security vulnerabilities, and discuss countermeasures that will protect critical data and application functionality 


Kartik Trivedi

Kartik Trivedi is a partner and co-founder at Symosis with 15+ years of experience helping numerous entities including Fortune 500, non-profit, tech start-up, financial services, and healthcare organizations meet their security, privacy, and business needs by helping to define strategic goals, develop road maps for more functional, mature, and secure programs, address immediate issues, and drive implementation of practical security solutions. Prior to Symosis Kartik was director of application security at Accuvant, Managing Principal at McAfee, Principal at Foundstone and software development engineer at concept solutions. Kartik has MBA & MS Degrees and CISM, CISA, CISSP certifications.  Specialities include:
  • Technical expertise with business acumen
  • Security risk assessments, penetration testing, Web/Mobile/Cloud platforms, secure software development, threat modeling, code reviews
  • PCI, HIPAA, ISO and other security standards and compliance
  • Security training for developers – Online and Instructor led
  • Published author & regular speaker at OWASP, RSA, ISACA, and other conferences

Pizza and Beer   

Food and Drink will be provided.