October TASK: CVSS - The Journey to V4.0 / Building the Security Mindset
Live and in-person at TMU + Live-Streamed on Discord
Date: Wednesday, October 30
Time: 6:00 PM
In-Person Location: TRS 3-176 (9th Floor), Ted Rogers School of Management at 55 Dundas St. W
Registration: Not required
Live-Stream: Although TASK is always best in-person, we will steam live again on Discord @ https://discord.gg/aXfY76xgVJ.
Topic: CVSS - The Journey to v4.0: Trial & Tribulations (AKA: The Good, The Bad, and the Ugly)
Speaker: Ali Salari
A trip through the industry's tumultuous rating system for vulnerabilities from its origins, to the latest version of the standard now that it is nearly 1 year old. This topic will cover:
The original Need for a rating and scoring system CVSS
History of each version, their strengths and weaknesses
Ways CVSS can be used,
Examples of a number of CVEs, and how they evolved
Competing scoring systems from vendors, as well as supporting scoring systems like EPSS
The future and where we might be headed.
Ali Salari has been is a cybersecurity professional 30 years of IT experience, with 16 of those in formal security roles. Currently with CGI for over 25 years, having served internally, as well as clients from nearly every industry segment.
Topic: Building the Security Mindset
Speaker: Jeffrey Lubetsky
Cyber security is typically considered a profession exclusively within the Information Technology domain. This misconception needs to be reframed in the minds of everyone… We ALL use cyber “stuff”, which means we are ALL responsible for cyber security. How can we get more people to be interested in cyber security and to consistently use good cyber hygiene?
In this talk we will introduce a simple and unique framework, which can provide a solid cyber security foundation to those wanting to learn or improve their cyber security understanding and its application. From prospective cyber security students, to seasoned professionals who need a fresh perspective to better communicate to their stakeholders… This framework can help you place cyber security into a context to help you or your customers develop a better appreciation for the essentials of, and the need for, cyber security. The best part is, most the framework is are of concepts and models with which you are very likely familiar and apply.
Jeffrey Lubetsky has been passionately teaching Cyber Security related courses for the past decade at George Brown College in Toronto. His military, corporate, and government experiences have inspired him to create unique content, making Cyber Security fully accessible to those from outside of the Information Technology domain, as well as those within.
When not engaged in Cyber Security content, Jeffrey can often be found working on new exploitation and protection methods of the Social Attack Surface. He is also Master Practitioner certified in Neurolinguistic Programming (NLP).
We look forward to see you all there!
The TASK Steering Committee