3
2016 Security Review and Predictions for 2017
Welcome Conference Moderator
Jorge OrchillesSenior VP, CitiDirector, South Florida ISSA
To ask a question:Type in your question in the Questions area of your screen.
#ISSAWebConf
4
2016 Security Review and Predictions for 2017
Today’s Speakers
Kip BoylePresident of Cyber Risk Opportunities, LLC.
Ron ChestangSenior IT Security Consultant, Hewlett Packard
Andrea HoyPresident of Information Systems Security Association
International
5
Speaker Introduction
Kip Boyle• President of Cyber Risk Opportunities,
LLC
• Former CISO at PEMCO
• Retired US Air Force officer
• Certified CISM, CISSP
• B.S. in computer information systems at the University of Tampa and MS in Management at Troy State University
@KipBoyle
1/25/2017© 2016, Cyber Risk Opportunities, LLC. All
Rights Reserved.10
Wiped out $135 billion of stock value
1/25/2017© 2016, Cyber Risk Opportunities, LLC. All
Rights Reserved.12
The Panama Papers are a
management failure
The best way to predict the future is to invent itAlan Kay
American Computer Scientist, Inventor of Smalltalk, Turing Award Winner
13
InfoSec Business Value Model
Reliability of
Operations
Expected
Return
IndemnityRisk
Management
• Business
process integrity
• Data protection
• Continuous
improvement
• Future agility
• New capability
• Return on mitigation
• Brand enhancement
• Competitive
differentiation
• Greater
stakeholder support
• Increased
accountability
• Compliance
• Improved awareness
• Risk insight
• Risk and cost
avoidance
• Risk reduction or
acceptance
Trust
© 2016, Cyber Risk Opportunities, LLC. All Rights Reserved. 14
The best way to predict the future is to invent itAlan Kay
American Computer Scientist, Inventor of Smalltalk, Turing Award Winner
25
28
Speaker Introduction
Ron Chestang
• Senior IT Security Consultant
• Over 15 years experience as a Cyber Officer in the United States Air Force
• Expert in war between cyber security professionals and cyber criminals
• Specialist in fighting corporate espionage
Executive Forum 2016
Can A Printer Compromise Your Business?
Ron Chestang GCIH, CISM, CEH,
Print Security Adviser
29
What are the top printing security concerns?
1) Exposure of data in transit
2) Company’s ability to identify a security breach from printers
3) Exposure of documents left in the output tray
4) Unauthorized use of printer features
5) Remote employee’s use of home printers
6) Exposure of device network settings or ports
7) Threat of outside malicious access to network through printers
IDC, “User Perspectives on Print Security,” U.S. companies with more than 500 employees, November 2015 IDC#US40612015
More data
PRINTERS ARE UNDER ATTACK
64%IT MANAGERSREPORT LIKELY
PRINTER MALWARE INFECTION
60%HAD A PRINTERDATA BREACH
Ponemon Institute, “Insecurity of Network-Connected Printers,” October 2015.Ponemon Institute, “Annual Global IT Security Benchmark Tracking Study,” March 2015.
33
AND YET, PRINTING IS NOT A HIGH SECURITY PRIORITY FOR ITDMS
LEVEL OF CONCERN
91%
77%
77%
18%
PC DEVICES
MOBILEDEVICES
SERVERS
PRINTERS
Source: Spiceworks survey of 107 IT pros at companies with 250 or more employees in North America, Europe, the Middle East, Africa, Asia Pacific, and China, conducted on behalf of HP in January 2015,
Print Security Stages of Maturity ( 2016 March )
36
Ad-Hoc
Opportunistic
Repeatable
ManagedUnsecured /Unprepared
RecognizingRisk
BasicCompliance
ComprehensivePolicies
ProactiveManagement
Business unknowingly vulnerable toEither malicious or accidental attacks
via printers/MFPs
Likelihood of attack lessens, still atconsiderable risk due to limited
integration
Organization invest significantly in aProgram that is very device specific, does
not meet robust needs of organization
Continuous print security practicesReasonably certain, exception is
Unexpected types of attacks
Continued readiness using optimized Solutions and strategy mitigates risk
Of print-related attacks
Optimized
1IDC, “IDC MaturityScape Benchmark: Print Security in the United States,” March 2016 IDC#US410480162IDC, “IDC MaturityScape: Print Security”, December 2015
61% of US companies have significantly under-addressed printer security & compliance1
1Includes device, data and document security capabilities by leading managed print service providers. Based on HP review of 2015-2016 publicly available information on security services, security and management software and device embedded security features of their competitive in-class printers. For more information visit: www.hp.com/go/MPSsecurityclaims or www.hp.com/go/mps.
Today’s printers look a whole lot like PCs
Firmware and software
Hardware
Network access
Internet
71% of breaches start from Endpoints
… and are being attacked, just like PCs
WIRELESS HACKING
Researchers in Singapore developed a drone with a mobile phone that
can detect open wireless printers in close proximity then establish the
mobile device as a fake access point that mimics the printer and
intercepts documents intended for the real device.
134 different Vulnerabilities
Over 50 modules/attacks
250 different Vulnerabilities
Over 400 modules/attacks
HP Confidential
Stuxnet is known as one of the most sophisticated viruses ever discovered, so unique it make history as the worlds first global digital weapon of the coming age of digital warfare… Kim Zetter
Discovered exploit using print-spoolerto spread between machines over the network… he tested on his own test machine and it worked. The feeling made his hair stand on end
“
”
2010
47
20162016 NovemberSan Francisco Municipal Railway
“SFMTA network was Very Open and 2000 Server/PC”Forbes
© Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Office of Personnel Management Breach 21 plus million government employees data compromised.
Office of Personnel Management Breach21 plus million government employees data compromised
• FOR YEARS THESE REPORTS HIGHLIGHTING THESE SYSTEMS, POOR SYSTEM COMPLIANCE”
• Will Hurd, Congressman
“Systematic failure on Security Governance, Controls, Security Management Structure , CMDB accuracy…. So bad recommend to shutdown the systems”
Michael Esser, OPM Audit Inspector General. I.T.
Affinity Health• Multiple leased MFPs were
returned to the leasing agent without erasing the confidential medical records and data contained on the hard drives
• The company who later purchased the MFPs discovered the records on the hard drive
• Affinity estimated that 344,579 individuals may have been affected by the breach
• Breach resulted in $1.2 million in HIPAA violations
HP CONFIDENTIAL Internal Use Only 49
next
previous
home
Source: cnsnews.com “Company Fined for Leaving Electronic Health Data on Hard Drive of Leased Photocopier” August 15, 2013http://www.cnsnews.com/news/a rticle/compa ny-fined-leav ing-e lectronic-hea lth-da ta-hard-drive-leased-photocopier
Security Risk: breach examples
Recent history can open our eyes to the cost, pain and extent of cyber crime
Breach Affected Estimated cost Exploited vulnerability
Anthem Blue Cross and Blue Shield, 2015
Up to 80 million records, including client names, dates of birth, physical and email addresses, medical IDs and Social Security numbers
>$100 million4 Sensitive data, including Social Security numbers, was stored unencrypted5
Target stores,2015
70 million credit and debit cards6 $148 million7 Phishing email sent to HVAC system contractor with unsecured network access8
Aalborg Farveog Lak
Systems disabled and encrypted with ransomware. IT Infrastructure needed to be replaced
1,000,000DKAccess to Corporate network achieved via a Label Printer9
KPMG study in Sweden, 2014
13 of 14 Organizations were infiltrated by malware which was in contact with external C&C servers.
UndisclosedMultiple methods of infiltration used. 11 Organizations were exfiltrating data from various endpoints.
4 ZDNET, February 2015, http://www.zdnet.com/article/anthem-data-breach-cost-likely-to-smash-100-million-barrier5 The Wall Street Journal, http://www.wsj.com/articles/investigators-eye-china-in- anthem-hack-14231675606 New York Times, http://www.wsj.co m/articles/SB10001424052702303754404579312232546392464 7 New York Times, http://www.nytimes .com/2015/08/06/business/target-puts-data-b reach-costs-at-148-million.html?_r=08 Krebs On Security, February 2015, http://krebsonsecurity.com/2015/02/target-hac kers-broke-in-via-hvac-co mpany/9 Hacker kom ind via labelprinterHacker kom ind via labelprinter, April 2015 http://www.computerworld.dk/art/233684/hacker-kom-ind-via-lab elprinter-to g-dansk-firmas-it-systemer-som-gidsel10 Swedish Civil Contingencies Agency https://www.msb.se/en /Products/Publications/Publications -from-the-MSB /Information-Security--trends-2015-A-Swedish-perspective/11 KPMG http://www.kpmg.com/SE/sv/kunskap-utbildning/nyheter-publikation er/Publikation er-2014/Documents/Study-report-Unkno wnThreats-in-Sweden .pdf
Printers at 12 Colleges Spew Hate Fliers in Suspected HackMARCH 25 2016, 4:06 PM ET
“DePaul University said it suspects their printers were hacked are now taking steps to secure them from future breaches.”
Hacker claims to have within minutes identified roughly 29,000 printers that were connected to the Internet and could be exploited through an open port, then automated a procedure that asked each vulnerable machine to print the hate flyer.
The fliers were discovered this week at Princeton, Brown, Northeastern, UC Berkley, DePaul, UMass Amherst, Smith College, Mt. Holyoke, among others.
Hacking Wireless Printers With Phones on Drones
©2016 HP, Inc. All rights reserved. | The information contained herein is subject
to change without notice. | HP Confidential
53
©2016 HP, Inc. All rights reserved. | The information contained herein is subject to change without notice. | HP Confidential53
Researcher’s in Singapore developed a drone with a mobile phone that can detect open wireless printers in close proximity then establish the mobile device as a fake access point that mimics the printer and intercepts documents intended for the real device. (2015)
Columbia University
• A grad student in 2011 exposed a flaw in printing devices that could let hackers hijack the devices to spy on users, spread malware and even force the devices to overheat and catch fire
• Printer did not have code signing validation, which allowed the breach
54
previous
home
Source: http://www.scientificamerican.com/a rticle/printers-can-be-hacked-to-ca tch-fire/
HP CONFIDENTIAL Internal Use Only
56 HP CONFIDENTIAL Internal Use Only
Recon
Weaponization
Delivery
Exploitation
Command &
Control
Cyber Kill Chain
57
“I probe around for a multifunction printer and see that it is configured with default passwords. Great I am in” ………..Hackers Playbook by Peter Kim.
“YES! We've compromised a number of companies using printers as our initial foothold, we move laterally from the printer, find Active Directory, query it with an account from the printer and bingo, we hit GOLD”
SEAHawk
Logical Access Governance Physical Security
Asset Management Security Configuration Data Security
Patching & AV Log Management
& Security Incident
Build & Release
Business Continuity Network Security Information Security
Personal Security System Acquisition
& Development
Access Control
Framework – All Venders – All Industries
20 Critical Controls•CSC 1: Inventory of Authorized and Unauthorized Devices
•CSC 2: Inventory of Authorized and Unauthorized Software•CSC 3: Secure Configurations for Hardware and Software on Mobile Device Laptops,
Workstations, and Servers•CSC 4: Continuous Vulnerability Assessment and Remediation
•CSC 5: Controlled Use of Administrative Privileges•CSC 6: Maintenance, Monitoring, and Analysis of Audit Logs
•CSC 7: Email and Web Browser Protections•CSC 8: Malware Defenses
•CSC 9: Limitation and Control of Network Ports, Protocols, and Services•CSC 10: Data Recovery Capability
•CSC 11: Secure Configurations for Network Devices such as Firewall Routers, and Switches•CSC 12: Boundary Defense
•CSC 13: Data Protection•CSC 14: Controlled Access Based on the Need to Know
•CSC 15: Wireless Access Control•CSC 16: Account Monitoring and Control
•CSC 17: Security Skills Assessment and Appropriate Training to Fill Gaps•CSC 18: Application Software Security
•CSC 19: Incident Response and Management•CSC 20: Penetration Tests and Red Team Exercises
20 Critical Controls•CSC 1: Inventory of Authorized and Unauthorized Devices
•CSC 2: Inventory of Authorized and Unauthorized Software•CSC 3: Secure Configurations for Hardware and Software on Mobile Device Laptops,
Workstations, and Servers•CSC 4: Continuous Vulnerability Assessment and Remediation
•CSC 5: Controlled Use of Administrative Privileges•CSC 6: Maintenance, Monitoring, and Analysis of Audit Logs
•CSC 7: Email and Web Browser Protections•CSC 8: Malware Defenses
•CSC 9: Limitation and Control of Network Ports, Protocols, and Services•CSC 10: Data Recovery Capability
•CSC 11: Secure Configurations for Network Devices such as Firewall Routers, and Switches•CSC 12: Boundary Defense
•CSC 13: Data Protection•CSC 14: Controlled Access Based on the Need to Know
•CSC 15: Wireless Access Control•CSC 16: Account Monitoring and Control
•CSC 17: Security Skills Assessment and Appropriate Training to Fill Gaps•CSC 18: Application Software Security
•CSC 19: Incident Response and Management•CSC 20: Penetration Tests and Red Team Exercises
OSWAP Top Ten1. Cross Site Scripting (XSS)
2. Injection
3. Malicious File Extension
4. Insecure Direct Object Reference
5. Cross Site Request Forgery (CSRF)
6. Leakage and Improper Error Handling
7. Broken Authentication and Sessions
8. Insecure Cryptographic Storage
9. Insecure Communication
10. Failure to Restrict URL Access
OSWAP Top Ten1. Cross Site Scripting (XSS)
2. Injection
3. Malicious File Extension
4. Insecure Direct Object Reference
5. Cross Site Request Forgery (CSRF)
6. Leakage and Improper Error Handling
7. Broken Authentication and Sessions
8. Insecure Cryptographic Storage
9. Insecure Communication
10. Failure to Restrict URL Access
70
Types of policy settings250+ security settings available in HP enterprise MFPs
Device control
Credentials
Network Services Device
discovery
Printing
Authentication
Authentication services
Command load and execute
Direct connect ports
Fax speed dial lock
I/O timeout
802.1x Authentication
LDAP Server Authentication
File erase mode
File system access protocols
Control panel lock
FTP Firmware Update
Novell remote configuration Telnet
Remote Firmware
upgrade
PJL password
Device PIN presence
File system password Fax PIN
SNMPv1/v2 SNMPv3
Admin (EWS) password
Bootloader password presence
Public username
Secondary email authentication
Credential type
Allow return email address
change
Restrict Addresses
User authentication
Walk-up authentication
Job storage authentication
Send to e-mail authentication
Job creation authentication
Send to folder authenticatio
n
Copy authentication Send to fax authentication
Service Location Protocol (SLP)
Web Services Discovery (WS-Discovery)Bonjour
Link-Local Multicast Name Resolution Protocol
Maximum attachment size
TCP/IP Printing (P9100)
File Transfer Protocol
Internet Printing Protocol
Novell (IPX/SPX)
HP Enterprise embedded security features
Three key technologies take security to the next level:
• HP Sure Start validates the integrity of the BIOS code
• Whitelisting ensures only authentic, known-good HP code is loaded into memory
• Run-time intrusion detection detects anomalies during complex firmware and memory operations
Each feature automatically triggers a reboot if attacked
• HP JetAdvantage Security Manager automatically assesses and, if necessary, remediates device security settings to comply with pre-established company policies
1 Based on HP review of 2015 published embedded security features of competitive in-class printers. Only HP offers a
combination of security features for integrity checking down to the BIOS with self-healing capabilities. A FutureSmart
service pack update may be required to activate security features. Some features will be made available as a HP FutureSmart service pack update on selected existing Enterprise printer models. For list of compatible products, see hp.com/go/LJcompatibility. For more information, visit hp.com/go/LJsecurityclaims.
Load BIOS
HP Sure Start
Au
tom
atic
reb
oo
t
Check firmware
WhitelistingCheck printer settings
HP JetAdvantageSecurity Manager
Continuous monitoring
Run-time intrusion detection
71
Protect. Detect. Recover.
HP LaserJet and PageWide Enterprise: The world’s most secure printers1 with self-healing capabilities
JetAdvantage Security Manager Customer
A major banking customer needed to secure 30,000 devices.
BEFORE
of fleet complied with security policy
25% Less than
AFTER
of fleet complies with the security policy
97% More than
servers12
daily effort
4 hourssaved every day by built-in reports
HOURS
Assessment: 3 Hours
2 servers
No cost, no obligation limited security risk assessment of 20 of your HP printers/MFPs
Security Manager Quick Assess
Highlights• Assess up to 20 HP
devices; no license key required
• Uses new Limited policy with 13 most common security settings
• No remediation, no certificate mgmt., no Instant-On
• License key will unlock full functionality –no new installation required.
video
Complete Limited Policy
Add devices Assess devices Review Results
All within an hour!
HP Secure Managed Print Services
Printers
The world’s most secure printers1
with self-healing capabilities
Software
Security solutions to detect, protect, monitor and manage the fleet
Services
Experts to assess risks, build and maintain a print security policy
1Based on HP review of 2015 published embedded security features of competitive in-class printers. Only HP offers a combination of security features for integrity checking down to the BIOS with self-healing capabilities. A FutureSmart service pack update may be required to activate security features on the HP LaserJet M527, M506, M577. Some features will be made available as a HP FutureSmart service pack update on select existing enterprise printer models. For list of compatible products visit: http://h20195.www2.hp.com/V2/GetD ocume nt.aspx?docna me=4AA6-1178E NW. For more information visit: www.hp.com/go/LJsecurityclaims.
2Based on the breadth of device, data and document security capabilities by leading managed print service providers. Includes HP review of 2015 published details on security services, security and management software and device embedded security features of leading competitive in-class printers. For more information visit: www.hp.com/go/MPSsecurityclaims or www.hp.com/go/mps.
The most comprehensive device, data and document security.2
HP Confidential 2016
Take action now
Start Scanning Now!
Perform a use case for EOL/EOS Devices
Check your compliance regulations
Password Management
76
Take Action
77
Event messages
Event messages
Event messages
Syslog serverActionable results
SIEM tool
78
“HP Security Assessment and Security Manager saved our bacon”
“I am grateful HP Security team put a clear roadmap together to close my security gaps as opposed to an external audit or worse a shouting match with my management as why a security risk materialized”
“HP Security Services gave us a very clear roadmap and made me look like a security hero”
81
Speaker Introduction
Andrea Hoy
• President of ISSA International
• Founder of A. Hoy & Associates, a Virtual CISO provider
• Represented the United States as a diplomat to China on eDiscovery and forensics
• Formerly Chief Technical Officer of iQwest Technologies
82
2017 Security PredictionsEmerging Technologies: Friend or Foe, Help or Hindrance
Andrea C. Hoy, CISSP, CISM, MBAPresident, InternationalISSA
24 January 2017Webinar
Agenda
– Evolution of Emerging Technologies and their effect on the Security Landscape
– Emerging Tech Now – Every day
– The Hype of Emerging Tech – Top 3
– What should Businesses look to gain from Emerging Tech to grow and have more efficient, value added projects
– Tools that Help Handle Big Data
– Friend or Foe? 2017 Security Predictions
(as a Friend in 2016)
– Leave times based on localized traffic
– Places to eat nearby that are open
– Takes events from your calendar and provides Reminders
and Notifications
– Takes events from your email and provides calendar events,
Reminders and Notifications
– It Tracks where you are
– It Knows where you will be
– It Reads and Analyzes your Calendar
– It Reads and Analyzes your Email
….and what if they hired a Snowden…
2017 will show more maleficents using tracking technology
– Analyzes of Email and Calendar and Buying and if you are Home???
Google Home
as a Foe?
IoT
Self Driving
Automobiles
2016 Doesn’t this Help?
– Self Parking…so it parallel parks!
– Enhanced Cruise Control
– Collision Avoidance – Radar/Microwave
– GPS -Car’s position on the road
– Ultrasonic sensors
– Automatic Emergency Braking
In 2017 Will it be a Hindrance?
– AutoPiloted vehicles involved in fatal crashes
– Forward Collision Warning
– Auto Emergency Braking (AEB)
– Dept of Transportation announced first automated vehicle safety
checklist/Sept 2016
– 2017 Will security improve to negate hackers from controlling our vehicles
Source: ABC
Gartner’s Hype Cycle of Emerging
Technologies 2016
– Longest-running annual report
– Provides a cross-industry perspective on technologies and
trends
– What should be in my emerging technology business
portfolio?
So What’s the Hype?
What Top 3 Emerging Technology
will Effect 2017
1. Transparently immersive experiences
2. Perceptual smart machine age, and
3. The platform revolution
A.Hoy & Associates
1. Transparently Immersive
Experiences
– Headaches
– Potential side effects to brain
– Ocular stimulation
– Electronic pulses
A.Hoy & Associates
2. The Perpetual Smart Machine
– ‘Bigger’ Data
– Increased Radical Computational Power
– Infinite Amounts of Data
“Just Google it”
– Deep Neural Networks
– Smart adaptation to new situations
– Analyze or Solve problems that no one has encountered previously
– 2017 Security Issues – Horse racing predictions, Las Vegas Football bets
– How does a cybersecurity professional protect against a deep neural network
highly intelligent…
2. The Perpetual Smart Machine
– Virtual Personal Assistants
– Cognitive Expert Advisors
– Personal Analytics
– Smart Data Discovery
– Smart Workspace, (or Homes)
– Conversational User Interfaces - apps that can lipread better than professional lip readers
– Machine Learning and Smart Robots
– Commercial UAVs (Drones)
– Autonomous Vehicles
– Natural-Language Question Answering
– Enterprise Taxonomy and Ontology Management
– Data Broker PaaS (dbrPaaS)
– Context Brokering
‘Bigger” data
– Data Analytics
– Growth of Big Data has Complexity and Cost.
– Hard to provide or enforce Data Assurance
– Difficult to Apply Access Controls
– Encryption is not feasible in many cases
A.Hoy & Associates
Big data
– Where does the data reside (If data is not where it should be….it
won’t open,
– Use of data needs to be embedded for who can use the data Data
is contextually aware of location, devices, and users)
– Logical and physical location controls?
– Data in Motion
– How do we protect the data flow (Need flexible technology that
can be used in almost any business data flow or business use)If
we place the governance and data policy stays with the data
– If place Average person stores….{ }
A.Hoy & Associates
2017 Security Prediction
– What if each data file had its own transparent encryption.
– Blocks of data
3. The Platform Revolution
– Transitioning of Technical Infrastructure to Ecosystem-enabling Platforms
– Technologies to Consider:
– IoT Platform
– Blockchain
– Neuromorphic Hardware
– Quantum computing
– Software defined Security
– Software-Defined Anything (SDx)
A.Hoy & Associates
Evolving Solutions
– Automotive Policies for Self Driving Cars
– Automotive Standards for OnBoard ComputeresSerenity One File Access Management
– Individual File Access Management
– Mobile Device Management
– Virtual Desktop
– Artificial Intelligence for securing the unknown
– Application Security
– Code review during Development Stage
– Use and Code review in Production
A.Hoy & Associates
More 2017 Security
Predictions
– Nation state related attacks will become more prevalent in
the public eye
– Intellectual property and espionage done by Hackers for
Hire
A.Hoy & Associates
2017 Security Predictions
1. Changes in Privacy Regulations to be considered?
o Federal or State
o EUPD or other country Expats
2. Are minors or the PII of children under 18 involved?
• Child protection {look up child protection laws]
• Family Consumer Rights Act
3. Data Protection Act changes to allow for SmartData, Self Protecting, Self
Governing to keep up with the technology
4. BlockChain becomes a security tool
A.Hoy & Associates
Resources & References
– Gartner’s Hype Cycle for Emerging Technologies 2016
– SertintyOne.com – SmartData, Self Protecting, Self
Governing
A.Hoy & Associates
106
Open Discussion & Q&A
• Jorge Orchilles - Moderator
• Kip Boyle
• Ron Chestang
• Andrea Hoy To ask a question:
Type in your question in the Questions
area of your screen.
You may need to click on the double
arrows to open this function.
#ISSAWebConf
107
ISSA International Web Conference
February - Cyber Residual Risk
2-Hour Live Event: Tuesday, February 28, 2017
Start Time: 9:00 a.m. US-Pacific/ 12:00 noon US-Eastern/ 5:00 p.m. London
Overview:
How do you analyze your environment and calculate Cyber Residual Risk. Once you
are done, you of course want to close up that last bit of exposure with Cyber
Insurance. Yet when you get the bill and it doesn’t seem to make sense. The cost
almost outweighs the projected risk. Then the worst happens and you need to file a
claim, and … it is denied. First, how do you calculate your residual cyber risk, and once
you do, how does an organization get proper cyber insurance.
Join us at the next International Web Conference:
108
A recording of the conference and a link to the survey to get CPE credit for attending the August ISSA International Web Conference will soon be available at: https://www.issa.org/?page=January2017IWC
If you or your company are interested in becoming a sponsor for the monthly ISSA International Web Conferences, please visit: https://www.issa.org/?page=BecomeASponsor
Web Conference Survey