Deep Dive into the CISM Certification + Anatomy of an Incident Response

March 11, 2020 by CJ Logsdon

Monday April 6th, 2020 / 6 PM – 9 PM

WHO: Southwest CyberSec Forum

WHEN: 1st Monday of each month 6:00 PM – 9:00 PM

WHERE: UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283

WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.

FREE: No membership fees, no RSVP’s, food and drinks provided by our sponsors.

Our thanks to Arctic Wolf Networks for sponsoring this months meeting!

Arctic Wolf

Through the industry’s original Concierge Security Team, Arctic Wolf provides the scalable managed cybersecurity protection IT-constrained companies need to keep their critical data, networks, web-based applications, and devices safe. Working as an extension of your internal team, highly-trained and coveted security experts deliver 24×7 cloud-based monitoring, risk management, threat detection, and response services that protect you from ever-evolving methods of cyber attack. By escalating only the issues that require action, Arctic Wolf eliminates noise, enabling your limited IT resources on other priority initiatives. Personal, predictable protection – It’s the Arctic Wolf difference

Contact: Amy Judge Field Marketing Manager 408-497-6112

[5:30-6:30 PM]

Pizza and Networking in the UAT common area

  • Open to the public and UAT students
  • Pizza and Drink provided.
  • No food or drink in the UAT Theater (Please)

[6:30-6:50 PM]

Announcements and Sponsor Segment

  • Announcements and Updates (~5 min)
  • Short presentation by our sponsor (~15 min)

[6:50-7:00 PM]

Cyber Security Community updates

  • Cyber threat update with Erik Graham (~15 min)

[7:00-8:00 PM]

Deep Dive into the CISM Certification

Ilene Klein

by Ilene Kein, CISSP, CISM, CIPP/US, Cybersecurity Program Coordinator Urban Area Security Initiative City of Phoenix Office of Homeland Security and Emergency Management


For over 20 years, Ilene Klein has been evangelizing security to anybody who would listen … and to management.  During this time, she built and led compliance, governance, incident response, privacy, policy, security awareness, threat intelligence, and vulnerability management programs and frameworks.  Ilene started her career as an electronics instructor and then traveled from Honolulu to Heidelberg as a systems engineer installing proprietary software for the U.S. Army and resolving system crashes before focusing on cybersecurity.  Ilene has earned multiple security and privacy certifications, and she’s won awards such as the CISM Geographic Excellence Award for earning the highest score in the North America geographical region on the December 2011 CISM examination and a 2018 Warrior Award for fighting on the “front lines” of cybersecurity.


Congratulations — You’re in cybersecurity, one of the best and most in-demand careers.  But there’s an entire alphabet soup full of cyber-related certifications out there.  During this presentation we’ll discuss the CISM certification, including what it is, how it differs from the CISSP, who might be interested in earning a CISM, the domains covered, and whether it’s worth it.

[8:00-8:45 PM]

Anatomy of an Incident Response

Niko Zivanovich

by Niko Zivanovich, Security Engineer specializing in Incident Response, Check Point Software


Niko Zivanovich is a Security Engineer for Check Point based in the South West US, specializing in Incident Response. Check Point is based in Tel Aviv, Israel and is one of the largest cyber security firms in the world. Previously at Johns Manville in Denver, Colorado working in network security and security operations focusing on ICS environments. While at Johns Manville, Niko and his colleagues helped to form the Berkshire Hathaway Information Security Group in order to facilitate the sharing of intelligence across the organization. He most recently worked for Berkshire Hathaway Inc. focusing on Incident Response preparation throughout the subsidiaries globally. He holds multiple certifications through the SANS GIAC organization.


Anatomy of an Incident Response Event An Incident Response (IR) Plan is where tools, skills and process all come together in a high pressure, time-critical environment. Advance planning and experience are critical to a successful outcome. Niko will walk through a real-world Incident Response event and highlight at each key stage in the process where specific tools, people and skills and the structured response plan came into play and the how deficiencies at any point can hobble the organization. Attendees will be able to overlay this presentation onto their own organizations capabilities and identify where they may have shortcomings in their own IR Plan.

[8:45-9:00 PM]


Back to top