Below is a list of our past meetings and events.


April 17

Spring 2018 Quarterly Chapter Meeting

Date & Time

Tuesday, April 17th 6–8:30pm

Host and Location

RSA Conference


Michael Aisenberg, MITRE
Michael will provide a federal and state IOT regulatory action update, including those related to unmaned vehicles and medical devices.

Ulf Lindqvist, SRI International
The Internet of Things (IoT), where all kinds of devices – from public infrastructure to wearables – are being equipped with “smarts” and are being wirelessly connected, holds great promise to improve health, safety, and productivity in our society. However, the success of IoT is directly dependent on our ability to provide the right level of security, because the potential consequences of successful attacks could impact human lives and safety and cause death and destruction, directly or indirectly. We need new methods to automatically and continuously assess the level of security of IoT systems and networks, because if we cannot tell how changes to configurations or devices impact overall security, how will we be able to improve security with any degree of confidence? Also, we need to be able to design and select the most effective security mechanisms for large numbers of heterogeneous and often resource-limited IoT devices. This talk describes such challenges and opportunities, based on results from research conducted in the IoT Security and Privacy Center at SRI International.

February 15

Winter 2018 Quarterly Chapter Meeting

Date & Time

Thursday, Feb. 15, 2018, 8:30-12

Host and Location

SRI International
333 Ravenswood Ave.
Menlo Park, CA 94025


Why Chinese Intelligence Operations are Relevant to Your Business Today
Dr. Matthew Brazil
Dr. Brazil will highlight aspects of today's PRC scene that are important for industrial security executives to understand. He will draw on his recent doctoral work on PRC intelligence operations history and two decades of living in and traveling to the PRC for export promotion and security work. In the second half of the talk, he will focus on practical approaches for American companies doing business in one of the most challenging counterintelligence environments in the world.

FBI Counterintelligence Update
FBI Guest Speaker, San Francisco Division

The Business-Legal Case for Counterintelligence: Why The Boss Should Care
Robin J. Lee, Esq., lawyer, epicure, and all-around great guy
Reviewing a number of subjects including intellectual property protection, export controls, M&A and IPO due diligence, and private-sector S&T intelligence, Mr. Lee makes the case that industry already has a significant counterintelligence interest - they just use different vocabulary for it. He suggests strategies for how to get executive management to listen to the security specialists on a topic that they might believe is exotic and weird, but is really already at the heart of the risk management mindset.


August 30

Summer 2017 Quarterly Chapter Meeting

Date & Time

8:30-11am Wednesday, August 30, 2017


FBI San Jose RA
1919 S. Bascom Ave., 4th floor, Campbell, CA 95008


Please join us and your peers for a morning focusing on the Transportation and Cyber Sectors of our critical infrastructure. Presentations will include a briefing from the National Counterterrorism Center (NCTC) on Cyber Threats to Social Media and how they can impact your business. Presentation and discussion by an industry expert on how data leaves your business and why you should be concerned and where the industry is going in data loss prevention. Hear from a Field Intelligence Officer from the Dept. of Homeland Security/TSA on threats happening there and how they impact us, as well as an update on the general threat landscape for our region.

May 18

Spring 2017 Quarterly Chapter Meeting

Date & Time

9-12am Thursday, May 18, 2017


2000 Powel St. (second floor), Emeryville, CA 94608

Feb 14

Winter 2017 Quarterly Chapter Meeting

Date & Time

6pm Tuesday, February 14, 2017


RSA Conference, San Francisco
Room 131, Moscone North
All RSA attendees are welcome! Registration codes to attend RSA are available to InfraGard members in our Members Only section - see the event flyer here for details!


Keynote Speaker: Richard Clarke

Mr. Clarke is CEO of Good Harbor Security Risk Management, which advises companies and governments on cyber security.

He served for thirty years in the United States Government, including an unprecedented ten continuous years as a White House official, serving three consecutive Presidents. In the White House he was Special Assistant to the President for Global Affairs, Special Advisor to the President for Cyberspace, and National Coordinator for Security and Counterterrorism.

Prior to his White House years, he served as a diplomat, including as Assistant Secretary of State, and he held other positions in the State Department and the Pentagon for twenty years.

Since leaving government in 2003, Mr. Clarke has served as an on-air consultant for ABC News for ten years, taught at Harvard’s Kennedy School of Government for five years, and written seven books, both fiction and nonfiction, including Cyber War: The Next Threat to National Security and What to Do About It and the national number one best seller Against All Enemies. His latest novel, Pinnacle Event, was released on 19 May 2015.

In addition to his work at Good Harbor, he has served or currently serves in several advisory or board capacities: Member, President Obama’s Review Group on Intelligence and Communications Technology (NSA review group); Co-Chairman, Virginia Cyber Security Commission; Member, New York Governor Cuomo’s Cyber Security Advisory Board; Senior Advisor on Cyber-Security and Counter-terrorism to the CEO of SRA International; Chairman of the Board of Governors, Middle East Institute; Member, Board of Directors of Veracode; Member, Board of Directors of Bit9; and, Member, Board of Directors of Nok Nok Labs.

Abstract: In an evolving cybersecurity landscape, the new administration is likely to encounter many challenges over the years ahead. Contributing to the difficulty of establishing good cybersecurity practices is the reality that both public and private institutions are pitted against the same foreign actors, many of whom are well-equipped to inflict damage to the systems upon which we rely. Within many contexts, this characteristic creates a situation in which the most vulnerable dictates the level of security that applies to us all. In a world where cybersecurity concerns have largely taken a backseat to other policy priorities, how can we sufficiently guard against new threats directed towards American businesses and infrastructure?


Dec 01

Fall 2016 Quarterly Chapter Meeting

Date & Time

09:00-12:00 Thursday, December 01, 2016
Refreshments and networking at 08:30


San Francisco Federal Building
California/Nevada rooms, 2nd Floor
450 Golden Gate Ave., San Francisco

Near BART Civic Center/UN Plaza Station


Water Sector: Incident Update
Steve Frew, Manager of Security and Emergency Preparedness
East Bay Municipal Utility District
Board Member, SF Bay Area InfraGard

Overview of the California Common Operating Picture (Cal COP)
David Frazer

NCRIC Update
Raphael Brinner, NCRIC

FBI/DHS Update and Networking

Sep 16

Ransomware 101 Workshop

Date & Time

8:30am-12:15pm Friday, September 16th, 2016


309 Velocity Way
Foster City, CA 94404


The FBI, United States Secret Service, Financial Services Information Sharing and Analysis Center (FS-ISAC), Multi-State Information Sharing and Analysis Center (MS-ISAC), National Health Information Sharing and Analysis Center (NH-ISAC), Palo Alto Networks and Symantec will all be sharing their experiences and expertise around ransomware, why you should be concerned and how you can protect against becoming the next victim.

In this half-day workshop these experts in cybersecurity will:

  • Describe ransomware
  • Cover the tactics, techniques and procedures used by the criminals
  • Provide the threat landscape
  • Discuss why situational awareness and information sharing are important
  • Offer strategies to help protect your organization from ransomware attacks


08:30-09:00 Registration/Networking
09:00-09:50 FBI/USSS Session on Ransomware 101
09:50-10:40 The Importance of Information Sharing and Situational Awareness
10:40-10:55 Break
10:55-11:55 Palo Alto Networks & Symantec Industry Viewpoint on Mitigation and Threat Landscape
11:55-12:15 Wrap up then adjourn
Aug 09

Two Steps Ahead: Cybersecurity for Business... Made Simple

Date & Time

9-11am Tuesday, August 9, 2016


The Tech Museum of Innovation
New Venture Hall
201 South Market Street
San Jose, CA 95113


The SF Bay InfraGard Chapter is proud to sponsor the STOP. THINK. CONNECT. "Two Steps Ahead: Cybersecurity for Business...Made Simple" event at The Tech. Co-hosted by The National Cyber Security Alliance (NCSA), New Horizons, CompTIA, Logical Operations and the our InfraGard Chapter, this event on cybersecurity for business is part of the Two Steps Ahead: Protect Your Digital Life tour.

Featured Guests include Ryan Pardee, Supervisor Special Agent, Federal Bureau of Investigation, Oakland; Steve McFarland, President and CEO, Better Business Bureau of Los Angeles | San Jose | Silicon Valley; James Stanger, Senior Director of Products, CompTIA; Kevin Rock, Senior Director, Products and Programs, New Horizons Computer Learning Centers; Joe Mignano, Vice President, Partners & Alliances, Logical Operations.

Learn more and register at (check back for updates on speakers and additional details). The Tech Museum of Innovation has generously offered attendees free admission to the museum on the day of the event.

Jun 14

Cornerstones of Trust

Date & Time

Tuesday, June 14, 2016


Just Secure It - Sharing What Works in the Real World
Cornerstones of Trust has inspirational speakers that will present and lead discussions on how to solve the most critical day-to-day security issues faced by enterprises, government agencies, and critical infrastructure professionals. Issues such as how to prepare for the coming "Internet of Everything" (IOT) implosion as well as challenging how today's IT security groups must operate due to new infrastructure challenges are hotly debated. In fact, the morning keynote speaker Ira Winkler said "I'm excited to be speaking in the Bay Area which has the most diverse security professionals working on the most diverse set of security problems. It's even more exciting that I'll be speaking at a conference that focuses on the real-world practical applications of security which I believe offer the highest potential return on investment for the attendees."

Learn more and register at

Cornerstones of Trust acts as a catalyst to bring the Northern California security community together for an ongoing exchange of ideas that address the needs, interests, and issues of trust that security practitioners and managers are experiencing today. This community-driven event is a cooperative effort by members of the San Francisco Bay and Silicon Valley chapters of the Information Systems Security Association (ISSA) and the San Francisco Bay Area InfraGard to encourage creative thinkers and practitioners on the front-line to network and share experiences.

Mar 01

Winter 2016 Quarterly Chapter Meeting

Date & Time

6pm Tuesday, March 1, 2016


RSA Conference, San Francisco
Room 132, Moscone North
All RSA attendees are welcome! No need to RSVP - just come!


Cybersecurity Update: the 2015 policy year in review
New FISMA II, OMB A-130 authority, OPM cyber sprint follow-up, Cyber Sharing Legislation. A topical overview of the policy activity around cyber security in 2015 and what it may mean for ICT-dependent Critical Infrastructures. Overview of new legislation, executive orders, policy pronouncements, and identification of intended impact on private sector CI. Emerging developments at NIST, GSA and DHS in contractor/CSP management, Cyber Supply Chain Risk Management, IoT/CPS/ICS and commercial due diligence by Federal and sub-federal agencies.

Michael Aisenberg, Esq.
Principal Cyber Policy Counsel
The MITRE Corporation


Nov 18

Fall 2015 Quarterly Chapter Meeting

Date & Time

09:00-12:00 Wednesday, November 18, 2015


San Francisco Federal Building
7th and Mission Streets, San Francisco
Just off the Civic Center/UN Plaza BART Station


Your Disaster Looks Different to Law Enforcement
You may have a crisis on your hands, but it may look very different to law enforcement. How do we align efforts and recognize that perspectives may be different? Come hear real-life examples of crisis situations where perspectives varied - and more importantly, learn how to form connections with law enforcement early. Remember, a crisis is never the right time to exchange business cards.

FBI/DHS Update and Networking

Aug 27

Summer 2015 Quarterly Chapter Meeting

Date & Time

11:30-15:30 Thursday, August 27, 2015


East Bay Municipal Utility District [EBMUD]
375 Eleventh Street, Oakland, CA 94607 (easy access from BART)
11:30-12:30 Networking and lunch (sandwiches will be provided)
12:30-15:30 Tabletop exercise


Tabletop Exercise
A joint meeting between InfraGard and the Business Recovery Managers Association [BRMA]
Please join us for a special interactive event, where InfraGard and BRMA will take you through a tabletop cybersecurity event. Learn about how to run an exercise, participate in the event, and ask questions.

FBI/DHS Update

2015 Chapter Board of Directors Election & Nomination Process

Jun 16

Cornerstones of Trust

Date & Time

Tuesday, June 16, 2015


Crowne Plaza Foster City
1221 Chess Dr San Mateo CA 94404


Cornerstones of Trust is an unparalleled opportunity for training and networking in the Bay Area. Put on each year, Cornerstones of Trust acts as a catalyst to bring together the Northern California security community for an ongoing exchange of ideas that address the needs, interests and issues of trust that security practitioners and managers are experiencing today. It's hosted as a cooperative effort of the San Francisco Bay and Silicon Valley chapters of the Information Systems Security Association (ISSA); and San Francisco Bay Area InfraGard.
See for more information.

Apr 21

Spring 2015 Quarterly Chapter Meeting

Date & Time

Tuesday, April 21, 2015 6:30 PM


RSA 2015 Conference
North Room 132
Moscone Center
San Francisco


A Holistic View of System Trustworthiness, from the Perspectives of Hardware, Software, Programming Languages, Networks, People, and More
The state of the art of trustworthiness is inherently weak with respect to computer systems and networks. Essentially every component today is a potential weak link, including hardware, operating systems, and apps -- for desktops, laptops, network switches and controllers, servers, clouds, and even mobile devices. Adding back doors and self-authenticating front doors to already compromised systems and networks can only make matters even worse. The potentially untrustworthy nature of our supply chains adds further uncertainty. Indeed, the ubiquity of computer-based devices in the so-called Internet of Things is likely to make this situation even more critical than it already is.
This talk will consider system vulnerabilities and risks, and some of the limitations of software engineering and programming languages. It will also take a holistic view of total-system architectures and their implementation, which suggests that some radical systemic improvements are needed, as well as changes in how we develop software. As time permits, we can touch on some of the evolving lessons from work in progress jointly between SRI and the University of Cambridge for DARPA, relating to some relatively clean-slate approaches. In particular, our team is pursuing formally based design of hardware that enables fine-grained access controls, enforceable compartmentalization among and within applications, new software and compiler extensions that can take significant advantage of the hardware, and some network switch/controller approaches that can also benefit from the new hardware. Formal methods have been embedded in the hardware design process, and are also applicable selectively to the software. We are also applying our trustworthy systems to software-defined networking, servers, and clouds.
Peter G. Neumann
Senior Principal Scientist
SRI International

FBI/DHS Update and Networking

Feb 19

Winter 2015 Quarterly Chapter Meeting

Date & Time

09:00-12:00 Thursday, February 19, 2015
Refreshments and networking at 08:30


San Francisco Federal Building
California/Nevada rooms, 2nd Floor
450 Golden Gate Ave., San Francisco


The NIST Framework: It's Here. Are you prepared?
The NIST Cybersecurity Framework may soon become a required standard. In this talk, we will present a brief overview, how it can apply to your business or organization, and tools to help you adopt the framework.
Matthew Todd, President
San Francisco Bay Area InfraGard

Active Shooter Awareness Training
Practical training for what to do when disaster strikes.
Special Agent Ken Karch
San Francisco FBI Field Office

FBI/DHS Update and Networking


NIST Framework PowerPoint presentation

NIST Framework Excel Template


Nov 20

Fall 2014 Quarterly Chapter Meeting

Date & Time

13:30-16:00 Thursday, November 20, 2014
Refreshments and networking at 13:00
Please note the afternoon time!


SRI International
333 Ravenswood Ave., Menlo Park, CA 94025


Measuring Security Awareness
Michael Hunter

Revolutionizing User Awareness Training: Techniques, Tactics, and Procedures
Neal McCarthy and the SF Bay InfraGard Board


Summer 2014 Quarterly Chapter Meeting

Date & Time

09:00-12:00 Thursday, August 21, 2014


East Bay Municipal Utility District
375 Eleventh Street, Oakland, CA 94607


The Intersection Of Cyber and Physical Security
Walter Hart
Formerly the Senior Manager for AccessData Group Professional Services

The New 01/13 HIPAA/HITECH Act & OMNIBUS Rulings
Michael McAlpen, Head of Security & Compliance
8x8, Inc.


Spring 2014 Quarterly Chapter Meeting

Date & Time

Thursday, June 12, 2014, 09:00-12:00


The Sunnyvale Microsoft Conference Center


The NIST Framework for CyberSecurity
Matthew Todd, President
San Francisco Bay Area InfraGard

Active Shooter Awareness Training
Special Agent Victor Nava, Head Firearms Instructor
San Francisco FBI Field Office

The FBI/InfraGard Sector Chief Program
SF Bay InfraGard Board


Winter 2014 Quarterly Chapter Meeting

Date & Time

Wednesday, February 26, 2014, 5:00-19:00


The 2014 RSA Conference, San Francisco


Crisis Management in Times of Peril: Lessons Learned from Hurricane Sandy and the Boston Marathon Bombing
Bob DiLossi, Crisis Manager, SunGard Availability Services

...and a very special guest appearance!


Nov 21

Fall 2013 Quarterly Chapter Meeting

Date & Time

Thursday, November 21, 2013, 09:00-12:00 (doors open at 08:30)


SRI International with our thanks!


Cyber Insurance
A Distinguished Panel

The Hazards of "Hacking Back"
Another Distinguished Panel

...and a few words from SAC David Johnson

Aug 15

Summer 2013 Quarterly Chapter Meeting

Date & Time

Thursday, August 15, 2013, 09:00-12:00


CalTrans with our thanks!
Oakland, CA


Bay Area Public-Private Partnership Resiliency Initiative (more info at California Resiliency Alliance website)

Dr. Emery Roe, UC Berkeley Center for Catastrophic Risk Management

Steven Frew, Security and Emergency Preparedness, East Bay Municipal Utility District

Feb 26

Winter 2013 Quarterly Chapter Meeting

Date & Time

Tuesday, February 26, 2013, 6-8pm


RSA Conference, San Francisco, CA


All of our InfoSec Management Guidance is Wrong.
Sorry about that.

Despite a wealth of "helpful" suggestions about how to run our security programs - from regulatory guidance to industry standards to pundits to the twitterati - we still perceive that we aren't providing the right value to our businesses. We're right. Could it be, that just maybe, the advice we've been following is, woefully, sadly, horribly wrong? Akamai CSO Andy Ellis will explore common advice that the industry passes around, why it's unhelpful, and give you his own advice for success.

Andy Ellis is Akamai's Chief Security Officer, responsible for overseeing the security architecture and compliance of the company's massive, globally distributed network. He is the designer and patent holder of Akamai's SSL acceleration network, as well as several of the critical technologies underpinning the company’s Kona Security Solutions.

Mr. Ellis is at the forefront of Internet policy; as a speaker, blogger, member of the FCC CSRIC, supporting Akamai's CEOs on the NIAC and NSTAC, and an advisory board member of HacKid.

He is a graduate of MIT and a former US Air Force officer, the recipient of the CSO Magazine Compass Award, the Air Force Meritorious Service Medal, The Wine Spectator's Award of Excellence, and the Spirit of Disneyland Award. He can be found on Twitter as @csoandy.


Aug 16

Summer 2012 Quarterly Chapter Meeting

Date & Time

Thursday, August 16, 2012, 09:00-12:00 (doors open at 08:30)


SRI International with our thanks!


Law enforcement perspectives on the "active shooter"
Sgt. Benjamin Becchetti, Palo Alto PD,
Team Leader, SWAT

Web analytics, online behavioral tracking, and privacy for investigators
Rob Kelley, Information Security Project Manager for SOAProjects

Twenty Critical Security Controls for Effective Cyber Defense: Consensus Audit Guidelines
Liam Connolly

May 17

Spring 2012 Quarterly Chapter Meeting

Date & Time

Thursday, May 17, 2012, 09:00-12:00 (doors open at 08:30)


SETI Institute with our thanks!

“Ghost Stories”
Assistant Special Agent in Charge Craig Fair

“Counter Intelligence Computer Intrusion Investigations”
Special Agent John Chesson

Q&A with our hosts at SETI

Jun 6

Raising Security IQ

Date & Location

Wednesday, June 6th, 2012
Crowne Plaza in Foster City

Contoural, a leader in information governance, and a partner of Cornerstones of Trust, is holding a Symposium on Information Governance & eDiscovery on Tuesday, May 15, at the Parc 55 Hotel, 55 Cyril Magnin St., in San Francisco, 8 a.m. - 12:45 p.m.

Attendance is complimentary.

This event will feature best-practice presentations from independent industry leaders on records retention and reducing exposure to potential litigation.


Oct 13

San Jose’s first Cybersecurity Summit


Thursday, October 13, 2011


Hosted by San Jose City Councilmember Pete Constant in cooperation with the U.S. Department of Homeland Security (DHS) and the National Cyber Security Alliance (NCSA), this is the premiere event for those concerned about on-line security for themselves or their children, those involved with protecting web users and resources, and those interested in educating the youth who will take on future Cybersecurity challenges.

May 2011 19

Spring 2011 Quarterly Meeting

Date & Location

Caltrans / Oakland, CA / Thursday / May 19, 2011

Mother Nature is the #1 threat to the Bay Area's Critical Infrastructure & Key Resources ...USGS forecasts that there is a 63% chance of a 6.7M or greater magnitude earthquake in the Bay Area in the next 30 years, The presenters discuss how this forecast was derived, what will happen and how you, your family and your company will be impacted and what the response will be like.


David Schwartz, Bay Area Earthquake Alliance
Geologist, USGS

Download presentation

Danielle Hutchings
Earthquake and Hazards Program Coordinator Association of Bay Area Governments (ABAG)

Download presentation

John Weir
Battalion Chief, Oakland Fire Department
Program Coordinator California Task Force 4

Download presentation

Jan 10

Bay Area Regional Joint Criminal & Epidemiological Investigations

Date & Location

Wednesday, March 2 - Thursday, March 3, 2011 - Moffett Field

Event Flyer / Includes Agenda

Jan 10

2011 RSA Conference


Through a special arrangement with RSA, the SF Bay InfraGard Winter 2011 Quarterly Meeting was held at the 2011 RSA Conference.

Our special guest speaker was Mr. Howard Cox the Assistant Deputy Chief of the Computer Crime and Intellectual Property Section of the Criminal Division of the US Department of Justice.

Mr. Cox discussed "Cyber Crimes Affecting the Payment Card Industry" and provided a great ummary / case history of the investigation and prosecution of Albert Gonzalez a convicted cyber thief who organized a credit card theft ring that resold more than 170 million card and ATM accounts during 2005 through 2007 - the biggest, reported such fraud in history.

DOJ Press Release

We will also be heard from Mr. Ed Berberian who discussed the Northern California Computer Crimes Task Force (NC3TF). Mr. Berberian is the District Attorney for Marin County and the Program Director of the (NC3TF).


Nov 18

Fall 2010 Quarterly Meeting



Thursday/ November 18, 2010


Thanks to INTEL for Hosting


Focus on Small Business

Small Business and Counterfeit Products
Lawrence "Lonnie" Hurst, INTEL Corporate Anti-Counterfeit and Product Fraud Protection Manager

Crimes Directed Against Small Business
San Jose PD

Chapter Business
2010-2011 Board of Directors Election Presentations

Sep 22

SecureWorld Expo

Thanks to SecureWorld for hosting the SF Bay InfraGard Chapter Mixer.

Aug 19

Summer 2010 Quarterly Meeting



Thursday / August 19, 2010

Thanks to Microsoft for hosting!!


Part 1
"Plan for the Inevitable: Assume You're Compromised"

Rather than assume that outsiders or insiders will attempt to compromise your systems, assume instead that they already have, and you may not know it. What should you have done to minimize the potential impact? Our panel will present brief "take-home" presentations addressing some concrete ideas around data management, access controls, separation of duties, etc., before they take your questions in an interactive session.

Part 2
"Plan for the Inevitable: Respond to the Breach"

If you've been breached (or suspect a breach), do you have the tools, processes, and policies in place to respond efficiently and legally? Will your teams isolate the issue quickly, or act to make the problem worse? Our panel will present brief "take-home" presentations addressing some concrete ideas around policy, organization, documentation, and procedure before they take your questions in an interactive session.


Meeting Introduction and Discussion
Matthew Todd / Member Board of Directors and John Landwehr / Member Board of Directors

A Sample Computer Incident Response Plan
Table of Contents
Sample Plan
Neal McCarthy / Member Board of Directors

Data Security
Ron Lapedis / Member Board of Directors

Jun 29

2010 Cornerstones of Trust Conference

Weathering the Storm
Cornerstones of Trust 2010

Tuesday / June 29, 2010
Crowne Plaza Hotel in Foster City

Thanks to all who helped make this event a success.

May 20

Spring 2010 Quarterly Meeting


Thursday / May 20, 2010


Thanks to AT&T for hosting
San Ramon, CA

Discussion Topic

"Has your CFO and/or Treasurer asked you yet about the "Account Takeover" threat advisory they got from organizations like the American Banking Assoc, NACHA, VISA and the US Chamber of Commerce? Account Takeover attacks are on the rise and stealing hundreds of thousands of dollars from unsuspecting victims and even bankrupting some. Every organization has to pay its bills. Criminals are targeting that function whether you are a non-profit, a government entity, or a personal investor. And they are getting very good at it.

In this meeting we will discuss the threat, how it works and how it has impacted organizations of all sizes. Our panel discussion will review questions you should be asking of your organization. We will review available services and technologies that help mitigate this threat. We'll discuss the recent Cyber Attack of Payment Processors exercise that was conducted by the Financial Services Information Sharing & Analysis Center (FS-ISAC).We will also present an operational protocol every CISO should have in place for this threat.

Business executives in companies large and small are being targeted and it is only a matter of time before you will need to deal with this. The goal of this meeting is to provide you the knowledge & tools necessary to perform due diligence for this insidious criminal threat."

This type of attack was the scenario of the recent Financial Services ISAC Cyber Attack Against Payment Processes (CAPP) Exercise.

Presentations are on the Members Only section.

Feb 18

Winter 2010 Quarterly Meeting


Thursday / Feb 18, 2010


Thanks to Hewlett-Packard for hosting
Palo Alto, CA


2010 Threat Predictions Report
McAfee Labs & McAfee Operation Aurora
Stuart McClure, Senior VP and General Manager McAfee Risk and Compliance Business Unit

Stuart McClure is a co-author of the best selling security book Hacking Exposed: Networking Security Secret & Solutions

Russ Daniels, Vice President and Chief Technology Officer, HP Enterprise Services

Kathy Lukens, Lockheed Martin Space Systems, MILCOM 2010 Executive Committee

Chapter Business


Nov 19

Fall 2009 Quarterly Meeting


Thursday / Nov 19, 2009


Thanks to PGE for hosting this meeting !


Maximizing the business value of a vulnerability management program
Joel Scambray / Consciere LLC

Maximizing the business value of a vulnerability management program. Through the disclosure and examination of real data and lessons learned, Joel Scambray will discuss how to build and execute on a business case for increasing the capabilities of an existing vulnerability management program. He will share his insight about how looking beyond scanning and patching tools, focusing on metrics, and effectively managing the rivalry between InfoSec and IT Operations are keys to maximizing business value.

The Mumbai Terrorist Attacks
SA Steven Merrill, SF FBI

On the day the Mumbai incident started FBI SA Steve Merrill, a Legal Attache in the FBI's New Delhi office, was enjoying his first day off in nearly a month. He immediately diverted to Mumbai and as the first U.S. official representative on-site made contact with his Indian counterparts and got to work. No red tape, no turf battles, just first responders, standing shoulder to shoulder in a time of crisis. For three days, Mumbai was a blur of gunshots, explosions, fire, and confusion. In the midst of that mayhem, SA Merrill helped to rescue Americans trapped inside the Taj Hotel. He set up lines of communication with his FBI and intelligence community counterparts and coordinated the arrival of the FBI Rapid Deployment Team.

SA Merrill's presentation on foreign travel

Jan 10

Corner Stones of Trust 2009 Conference

Thanks to everybody who helped make the 2009 Corner Stones of Trust Conference a success.


May 21

Summer 2009 Quarterly Meeting


Thursday / Aug 20, 2009


FEMA Region IX Preparedness Division

Download meeting flyer


Opening Remarks
FEMA Regional Administrator
Nancy Ward

Overview of FEMA
Deputy Federal Preparedness Coordinator
Tom Ridgeway

Continuity of Operations Planning (COOP)

FEMA Region IX Watch Center

FEMA Region IX / ESF 15 / External Affairs

PS-PREP / Private Sector Initiative
Senior Preparedness Policy Advisor
Mr. Ashley Moore / FEMA HQ

Chapter Business

Adjourn AM Session

1:30PM - 4:00PM

DHS/FEMA is working to establish a voluntary private sector accreditation and certification preparedness program (PS-Prep). Following the morning InfraGard meeting, where the program will be introduced, we will be having an afternoon session with senior DHS/FEMA HQ staff where the private sector can provide feedback and suggestions to DHS/FEMA.
Download Fact Sheet

May 21

Spring 2009 Quarterly Meeting


May 21, 2009


Thanks to McAfee for hosting at their Santa Clara, CA corporate HQ.


FBI Updates

Tom Kropp / NEXANT
Vulnerabilities and management considerations of traditional IT environments versus controls systems used to manage critical infrastructure. This presentation is in the Members Only Section.

McAfee Discussion

Chapter Business

Click here.

Feb 19

Winter 2009 Quarterly Meeting

Date & Location

Feb 19, 2009 / New Federal Building / San Francisco, CA

Managing Security in Times of Turmoil: IT, HR, and Legal Considerations in the Down Economy

In the current economic climate, employers are faced with difficult decisions about projects and staffing which can sometimes lead to unpleasant changes for employees. With change comes turmoil: former employees can be distraught, remaining employees may be uncertain about their future or angry at the change, and IT and security resources may be depleted. With this in mind, we will discuss real-world situations (good and bad), provide examples of what to do and to avoid, and provide a forum for the audience to ask questions of seasoned experts in HR, security, legal, and IT management.



Barrie Gross
Barrie Gross Consulting

Johnathan Tal
Tal Global Corporation

Panel Discussion
Barrie Gross
Barrie Gross Consulting

Johnathan Tal
Tal Global Corporation

Robert Dolinko
Nixon Peabody

Debbi Behrman
Financial Engines

Chapter Business


Nov 12

Fall 2008 Quarterly Meeting


November 12, 2008


Hosted by Chevron


Organization Capability
Rich Jackson
General Manager, Global Information Risk Management, Chevron

Project LOGIIC:
Securing the Process Controls Environment

Louis Ehrlich
President, Chevron Information Technology Co., and Enterprise CIO

Lessons Learned:
Building a Forensics Capability
Elizabeth Seavey,
Manager, IT Forensics, Chevron

Quarterly FBI Update

Board of Directors Elections and Chapter Business

Aug 21

Summer 2008 Quarterly Meeting

Date & Location

August 21, 2008 / Adobe San Jose, CA

Available presentations from this meeting can be viewed on the Members Only page.

FBI Cyber Squad Update
SA Donaldo Wilson, SF FBI, Oakland RA Cyber Squad

Love and Authentication - Addressing the problem of password reset
Dr. Markus Jakobsson, Principal Scientist

A Virus Safe Computing Environment for Microsoft Windows
Alan Karp
Director Virus Safe Computing Initiative
Hewlett Packard Laboratories

Chapter business

Jan 10

Spring 2008 Quarterly Meeting

Date & Location

May 15, 2008 / SF Federal Building

Meeting Topic

Getting back to InfraGard's roots. Perspectives on Critical Infrastructure (CI) / Key Resources (KR) protection. Federal, state, and regional programs and activities and how InfraGard fits in the great scheme of things.


Available presentations from this meeting can be viewed on the Members Only page.


The History of CI/KR
Rich Davies
Member SF Bay InfraGard Board of Directors

State and Federal Perspective
Brian Keith
Deputy Director for Critical Infrastructure Protection
Governor's Office of Homeland Security

Northern California Regional Intelligence Center - NC-RIC
Mike Sena
Deputy Director, NC-RIC

The SF Bay InfraGard Chapter CI/KR Council
Rich Davies
Member SF Bay InfraGard Board of Directors

Chapter Business

InfraGard Members are encouraged to go to the Members Only page to read more about the evolving SF Bay InfraGard Critical Infrastructure / Key Resources Council.

Background Material

NC-RTTAC Web site

CONFERENCE REPORT: STATE AND REGIONAL INTELLIGENCE FUSION: EXPERIENCES AND BEST PRACTICES IN INTERDISCIPLINARY COLLABORATION - A summary document prepared for the Jebsen Center for Counter-Terrorism Studies Conference "State and Regional Intelligence Fusion: Experiences and Best Practices in Interdisciplinary Collaboration" October 16, 2007

DHS, Intelligence and Information Sharing Initiative, Final Report. December 2004. Download PDF

The National CI/KR Protection Annual Report
Download PDF

Testimony (April 17, 2008) of DHS Principal Deputy Under Secretary for Intelligence and Analysis Before the Senate Committee on Homeland Security and Governmental Affairs Ad Hoc Subcommittee on State, Local and Private Sector Preparedness and Integration, "Focus on Fusion Centers: A Progress Report"

Mar 6

2008 Cornerstones of Trust

Feb 21

Winter 2008 Quarterly Meeting

The meeting focused on security of the 9-1-1 emergency response system. Topics included "swatting", and Voice over IP security concerns.


Nov 15

Fall 2007 Quarterly Meeting

Protecting Intellectual Property in a Globalized, Web 2.0 World

Aug 16

Summer 2007 Quarterly Meeting

The Insider Threat