ISSA E-News: May 3, 2012

In this Issue

  1. Take the May Journal with You
  2. Spring Selection Cycle for Senior Member and Fellows
  3. ISSA Election: Meet the Candidates for the International Board of Directors
  4. ISSA Live Web Conference
  5. Industry Resources
  6. ISSA Events and Industry Events



Take the May Journal With You

The May issue of the Journal is available in a variety of formats for your convenience. Please look for a hard copy of the Journal in your mailbox; it will arrive in approximately the second week of May. In the meantime, you can read articles on your smartphone or tablet via: ePub - iOS, Android, Nook | Mobi - Kindle.

Spring Selection Cycle for Senior Member and Fellows

Applications for Senior Member and nominations for Fellow and Distinguished Fellow are currently open and will be accepted until June 14, 2012 at 11:59 p.m. US Pacific time. The submission guidelines and forms have been updated for this selection cycle; please consult the Fellow Program Guidelines and use the current forms to ensure you comply with all requirements.

The Fellow Program recognizes sustained membership and contributions to the profession. No more than 1% of members may hold Distinguished Fellow status at any given time. Fellow status will be limited to a maximum of 2% of the membership. There is no limitation on the number of members who may be granted Senior Member status.

If you have questions, please contact fellow@issa.org.

ISSA Election: Meet the Candidates for the International Board of Directors

Sixteen of your colleagues have been nominated as candidates for your International Board of Directors and are willing to give of their time to ensure ISSA continually strives to serve you better. Three candidates are standing for International President and another 13 for five Director positions.

President

  • Debbie Christofferson
  • Dave Cullinane
  • Ira Winkler

Directors

  • Candy Alexander
  • Eric Cowperthwaite
  • Mary Ann Davidson
  • John Dickson
  • Garrett Felix
  • Rick Moy
  • Michael Peters
  • Nils Puhlmann
  • Brian Schultz
  • Glenn Tenney
  • Roy Wilkinson
  • Vern Williams
  • Stefano Zanero

Watch for your unique voter credentials on June 1. To vote you must be a General, CISO Executive, Lifetime and assigned Corporate, or Government Organizational member in good standing and have a current email address in your membership profile.

    ISSA Live Web Conference: You've Got Humans on Your Network: Securing the End User

    Live Event: May 22, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register


    Web Conference Overview:

    Even the best technology can be circumvented. All it takes is timing and a good story. Melissa, I Love You, The World’s Best Virus Scanner: what do these all have in common? They all circumvented security by tricking the users. As technology improves and the value of circumvention increases, the weakest link will become the end user – and don’t kid yourself, APT has proven they will be targeted. This session will discuss the human element and its impact on security.


    Industry Resources

    Industry Webinar: Mobility and the Open Web: Open Standards and Collaboration Redefine Enterprise IT


    Webcast Description:

    Mobility is redefining how employees and customers interact with a company's products, applications and services. To address this technological and market shift, innovative IT organizations must leverage an abundance of resources, including open source components, development frameworks and "open web" technologies. And, perhaps most interesting, enterprises are embracing collaboration and creating their own developer "ecosystems" as a core element of their IT strategy.

    Join Jeffrey Hammond, Principal Analyst, Forrester Research, and Black Duck Software to learn about how to leverage these important trends, technologies and development strategies.

    Click here to view this webinar

    Industry Webinar: Secure Development and Test Environments with Oracle Data Masking Available On-Demand


    Webcast Description:

    Many organizations inadvertently breach information when they routinely copy sensitive or regulated production data into non-production environments. Join Jagan Athreya, Director of Product Management for Oracle as he discusses how Oracle Data Masking can help safeguard sensitive and valuable information, such as credit card and social security numbers, by replacing them with realistic values using a rich library of masking policies and formats. This allows production data to be safely used for development, testing, and sharing with out-source or off-shore partners for non-production purposes. You will also learn about new application data modeling and sensitive data discovery tools from Oracle to better help you identify the critical databases you need to secure.

    Click here to view this webinar on-demand.

    Industry Whitepaper: Recent Certificate Authority Compromises: Are Your Digital Assets Less Secure Than You Think?


    Whitepaper Description:

    How will it be when your company appears in the news headlines–the latest breached organization? This has been the experience of many when their third-party, certificate authority (CA) trust providers were compromised (Comodo, Digicert, OpenSSL, and DigiNotar last year alone). Productivity and market devaluation costs were significant.

    What do these unfortunate events have to do with you? Our white paper, Best Practices: Preparing for and Responding to a CA Compromise, provides an informative and compelling answer to this question.

    Click here to download this free whitepaper.

    ISSA & Industry Events

    ISSA CISO Executive Forum

    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    New opportunities abound in the midst of amazing transformations in technology, business, and culture. Inspired by Disney’s innovative vision, the cybersecurity community will gather at the Magic Kingdom on October 25-26 to look at change as a chance to achieve excellence. Disruptions like “big data”, “cloud computing”, massive collaboration, and business transformation make it possible for us to blaze new trails and build effective foundations. We are enabling our work forces to be mobile and productive while protecting sensitive data. We build systems and policies that impede our foes and guard our constituents. This is an exciting time to be in the information security field and we are all vital in making our businesses faster, better, smarter and, most importantly, safer. Imagine the possibilities.

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.
    *Open to qualified attendees only.

     

    For more information click here

     

    Minnesota Chapter Hosts: Secure360

  • Dates: May 7 – May 9, 2012
  • Time: All Day
  • Location: St. Paul River Centre
  • Discount to ISSA Members: $50 (use code 036012 at checkout)

    Secure360 is the premier educational conference in the Upper Midwest for the information risk management and security industry. The conference is supported by the Upper Midwest Security Alliance (UMSA), of which the Minnesota ISSA Chapter is a founding member.

    To register for this event and for more details click here.

     Turkey Grand Security Conference

    • Dates: May 11-12, 2012
    • Time: 9:00-6:00
    • Location: Microsoft Turkey Office/Bellavue Recidences Levent-Istanbul
    • Cost: Free
    • Discount to ISSA Members: Free

    Join us at this Middle East security conference hosted in Istanbul by ISSA Istanbul Grand Security.

    For more information about this event click here. To register click here.

    Fourth Annual Los Angeles Information Security Summit: Protect Your Organization from the Growing Cyber Threat

    • Date: May 16, 2012
    • Time: 7:30 AM-7 PM
    • Location: Universal Hilton, Universal City, Los Angeles, California
    • Cost: $199
    • Discount to ISSA Members: $125

    Never before has it been so important for our community to learn about the dangers of cybercrime and what they need to do to protect their organizations from loss. Not just for the information security professional, the Summit will build on our chapter’s tradition of being the only educational forum in Los Angeles specifically designed to encourage participation and interaction among three vital information security constituencies: business leaders, technology professionals and information systems security leaders. Speakers include Alan Paller, Ira Winkler, Chris Coffey, and Lance Spitzner.

    For more information click here

    Central Ohio Chapter Hosts: 2012 Central Ohio InfoSec Summit

    • Dates: May 17-18, 2012
    • Location: Hyatt Regency, Downtown Columbus
    • Cost:  $175 for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus.

    To register for this event click here.

    Denver Chapter Hosts: The Rocky Mountain Information Security Conference

    • Date: May 17-18, 2012
    • Time: Thursday, May 17: 9 AM-7:30 PM, Friday, May 18: 7 AM – 5:30 PM
    • Location: Sheraton Denver Downtown, 1550 Court Pl, Denver, CO
    • Cost: Thursday: Optional full day training - $250

      Friday: Main Conference

      Student/Government/Military: $100

      ISSA/ISACA Member: $200

      Non-Member: $250

    The Rocky Mountain Information Security Conference (RMISC) is the only conference of its kind in the Rocky Mountain region. The RMISC is a convenient, affordable knowledge-builder for IT security, audit, and compliance professionals at all levels. The RMISC provides the perfect blend of education, networking, and opportunities that are critical to your success in today’s economy and security climate! Pre-conference full-day workshops provide in-depth training with courses for management, technical, and audit professionals.

    For more information and for registration click here

    Lansing Chapter Hosts: 3rd Annual Netwars Event

  • Date: May 19
  • Time: 9:00 AM – 3:00 PM
  • Location: New Horizons 2947 Eyde Parkway Suite 210 East Lansing, MI 48824

    Information Technology professionals are always challenged in finding ways to protect their IT infrastructure and assets. The Lansing Information Systems Security Association (ISSA) is hosting this third annual Netwars event to provide education and guidance on tools that will assist in responding to security events. Using a simulated attack and defend environment, industry experts will provide key concepts for a framework to guide in the everyday struggle of combating malicious intent.

    All registrants will receive $5 off when pre-registering for this event. General public $45, ISSA members $35, Students $20.

    Click here to register for this event. For more information or questions email the Marketing Director, MaryAnne MacIntosh.

    North Alabama Chapter Hosts: 4th Annual Cyber Security Summit

    • Date: June 7, 2012
    • Time: 7 AM- 7 PM
    • Location: Von Braun Convention Center, Huntsville, Alabama

    The North Alabama chapter of ISSA is pleased to announce the 4th Annual North Alabama Cyber Security Summit co-presented by Cyber Huntsville. This one day event attracts 450+ attendees and over 45 exhibitors providing opportunities for business and intellectual engagement among attendees on topics related to Information Assurance and Cyber Security.

    For more information and registration click here.

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online using code ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    Security Development Conference

    • Date: May 15-16, 2012
    • Location: Washington DC, USA
    • Discount to ISSA Members: $200
    • Discount Code: ISSA@sdc2012%!29

    Industry and government decision makers are increasingly aware that operational security protections and regulatory compliance are insufficient in protecting global applications and infrastructures. Organizations are realizing the value of secure development practices and seek to accelerate adoption and articulate this value to management.

    The inaugural Microsoft Security Development Conference 2012 (SDC 2012) will bring together industry professionals to network and learn from security experts about secure development practices. SDC 2012 will include information for leaders in software engineering, process and business management who are responsible for implementing or accelerating the adoption and effectiveness of secure development practices in their organizations.

    Click here to register and for more information

    ITEC Cyber Security Training & Education Workshop

    • Date: May 23-24, 2012
    • Location: ExCeL Centre, London, UK
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA/ITEC2012

    The first international event to address the training, education and skills development imperatives for cross-sector Cyber Security.

    High profile international speakers include Baroness Pauline Neville-Jones, UK Government Representative to Business on Cyber Security, and Dr. Ernest McDuffie, Lead, US National Initiative for Cybersecurity Education.

    Widely acknowledged as the ‘fifth domain’ of modern warfare, cyber space presents its own unique set of challenges in terms of educating the cyber workforce. Whilst these may be difficult to overcome, they also present an unparalleled opportunity for the public, private and military sectors to forge closer working relationships.

    To register and for more information click here

    SMi Presents the 5th Annual Cyber Defence Conference

  • Date: June 18-19, 2012
  • Location: London
  • Discount to ISSA members: 10%
  • Discount Code: To redeem this offer, please contact Andrew Gibbons: +44 (0) 20 7827 6156 / agibbons@smi-online.co.uk and quote ‘ISSA-005’.

    Cyber Defence 2012 will offer delegates the opportunity to keep up-to-date with the latest developments, challenges and solutions on the cyber defence policy horizon, as well as to network with a fantastic array of international speakers from the cyber defence arena.

    Click here for more details.

    2nd Annual Enterprise Risk Management for Banks and Financial Institutions

  • Dates: June 19-20, 2012
  • Location: New York, NY
  • Cost: $2,695 (End User); $2,995 (Solution Provider/Vendor)
  • Discount to ISSA Members: 10%
  • Discount Code: CHC372

    To register and for more information click here.

    The 2nd Annual ERM for Banks and Financial Institutions Conference will bring together key ERM leaders from a banking and financial services perspective to create an environment for idea sharing, benchmarking, and strategic planning. The conference will aim to help banks move closer towards establishing an effective ERM system by properly using ERM to set risk appetite, embed risk considerations into the business strategy, get a clearer understanding of new regulation and by helping to quantify and aggregate different risk buckets across the enterprise.

    HIPAA Audit Prep BootCamp

    • Chicago, IL, June 25, 2012
    • Nashville, TN, September 12, 2012
    • Ft Lauderdale, FL, December 6, 2012
    • Cost: $595 for first attendee from an organization; $495 for each additional
    • Discount to ISSA Members: $495 for all attendees (discount of $100 for first attendee)

    To register click here.

    Topics covered include: privacy, security and breach regulatory requirements; OCR audit program, best practices for audit preparation, tools to facilitate compliance programs, and practical hands-on exercises.

    For more information click here.

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599
    • Discount to ISSA Members: $300
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference providing technical security training for large enterprises that rely on System z® from IBM to ensure the information security of large datacenters and cloud computing implementations. It addresses leading security subjects including cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, and evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers - now accepting submissions for educational sessions, learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management, will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

    Data Protection & Privacy Law Compliance

  • Dates: July 17-19, 2012
  • Location: Washington, DC
  • Cost: $2,250
  • Discount to ISSA Members: 10% off
  • Discount Code: CHC377

    This conference will focus on the rapidly changing landscape in privacy compliance and data protection laws. It will evaluate how to implement effective compliance programs within an organization in order to avoid investigation, loss of highly sensitive information, and criminal prosecution. Additionally, the conference will deal with key issues such as unsafe usage of mobile devices, implementing effective incident response plans, various U.S. state laws as they apply to data protection and privacy, monitoring the usage of new technologies, and the effect of the EU data reform framework in the U.S. as well as in other countries.

    To register for this event click here

     

    ISSA E-News: April 26, 2012

    In this Issue

    1. New Logo Unveiled for ISSA International
    2. Spring Selection Cycle Opens for Senior Member and Fellows
    3. Meet the Candidates for Your International Board of Directors
    4. Journal Author Receives National Writing Award
    5. ISSA Web Conference
    6. Journal – Call for Articles
    7. ISSA Events and Industry Events

    Sponsored by:



    Discover overlooked aspects of securing SharePoint environments, including best practices to help ensure the proper balance between user convenience and securing sensitive information.

    New Logo Unveiled for ISSA International


    As security professionals, we live in an ever-evolving world. Our field is growing while gaining visibility and stature. Our career paths have been guided through our affiliation with ISSA. We have developed our expertise and become leaders in our specialties. As a result, last week the International Board of Directors approved a new logo that reflects our current forward-looking security community and complements the recently-adopted tagline “Developing and Connecting Cybersecurity Leaders Globally.” The new visual identity retains the familiarity that many associate with ISSA International. The new tagline and logo are our way of evolving with you, the information security expert, and those flocking to our profession.

    Watch for the fresh look in next week’s issue of the ISSA Journal. New membership pins are coming soon.

    Spring Selection Cycle Opens for Senior Member and Fellows

    Applications for Senior Member and nominations for Fellow and Distinguished Fellow are currently open and will be accepted until June 14, 2012 at 11:59 p.m. US Pacific time. The submission guidelines and forms have been updated for this selection cycle; please consult the Fellow Program Guidelines and use the current forms to ensure you comply with all requirements.

    The Fellow Program recognizes sustained membership and contributions to the profession. No more than 1% of members may hold Distinguished Fellow status at any given time. Fellow status will be limited to a maximum of 2% of the membership. There is no limitation on the number of members who may be granted Senior Member status.

    If you have questions, please contact fellow@issa.org.

    Meet the Candidates for Your International Board of Directors

    Sixteen of your colleagues have been nominated as candidates for your International Board of Directors and are willing to give of their time to ensure ISSA continually strives to serve you better. Three candidates for International President and 13 for five Director positions were announced this week by Patricia Myers, chair of the Nominating and Election Committee.

    President

  • Debbie Christofferson
  • Dave Cullinane
  • Ira Winkler

    Directors

  • Candy Alexander
  • Eric Cowperthwaite
  • Mary Ann Davidson
  • John Dickson
  • Garrett Felix
  • Rick Moy
  • Michael Peters
  • Nils Puhlmann
  • Brian Schultz
  • Glenn Tenney
  • Roy Wilkinson
  • Vern Williams
  • Stefano Zanero

    Watch for your unique voter credentials on June 1. To vote you must be a General, CISO Executive, Lifetime and assigned Corporate, or Government Organizational member in good standing and have a current email address in your membership profile.

    Journal Author Receives National Writing Award

    ISSA Senior Member and toolsmith author Russ McRee has been awarded the American Society of Journalists and Authors (ASJA) 2012 Outstanding Articles Award – Honorable Mention for “Memory Analysis with DumpIt and Volatility,” ISSA Journal, September 2011.

    “I am very pleased to have received Honorable Mention from ASJA,” stated McRee. “The toolsmith column in the Journal is successful in large part thanks to the dedication and zeal of the tool developers and their commitment to making the Internet and computing environments safer. I learn much from them in the process and hope it is conveyed to the readership in that light.”

    McRee has been writing the toolsmith column monthly since October 2006, exploring a vast array of security tools while infusing the tireless pursuit of the bad guys with passion and wit. “Much appreciation is owed to the ISSA Journal for years of support and guidance,” added McRee. “Recognition by the ASJA makes what is already my privilege all the more rewarding.”

    ASJA was founded in 1948 and serves as a professional organization of independent nonfiction writers, currently with more than 1400 members. "Prize-winning entries in the ASJA Awards reflect such writing and stylistic excellence that we authors read them and think ‘I wish I'd written that!’" [1] said Salley Shannon, ASJA's president. "We created the awards not just to honor outstanding work, but to inspire us."

    Congratulations, Russ!

    [1] ASJA 2012 Awards – http://www.asja.org/media/nr120323.php.

    ISSA Web Conference - You've Got Humans on Your Network: Securing the End User

    Live Event: May 22, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register


    Web Conference Overview:

    Even the best technology can be circumvented. All it takes is timing and a good story. Melissa, I Love You, The World’s Best Virus Scanner: what do these all have in common? They all circumvented security by tricking the users. As technology improves and the value of circumvention increases, the weakest link will become the end user – and don’t kid yourself, APT has proven they will be targeted. This session will discuss the human element and its impact on security.

    Journal Call for Articles: July - Standards, Compliance, and Governance

    Governance is the framework by which executive management manages and controls organizational activities to achieve goals and objectives as well as comply with relevant laws and regulations. Implementing a framework is a challenging task since there is no "one-size-fits-all" approach, and each organization must incorporate IT and Security into its organizational governance approach. The framework is reflected in leadership styles, organizational structures, supporting processes and standards, industries, and accountability for the actions taken.

    For a full description click here.

    Please submit articles by June 1 to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. For upcoming descriptions click here.

    ISSA Events and Industry Events

    ISSA CISO Executive Forum

    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    New opportunities abound in the midst of amazing transformations in technology, business, and culture. Inspired by Disney’s innovative vision, the cybersecurity community will gather at the Magic Kingdom on October 25-26 to look at change as a chance to achieve excellence. Disruptions like “big data”, “cloud computing”, massive collaboration, and business transformation make it possible for us to blaze new trails and build effective foundations. We are enabling our work forces to be mobile and productive while protecting sensitive data. We build systems and policies that impede our foes and guard our constituents. This is an exciting time to be in the information security field and we are all vital in making our businesses faster, better, smarter and, most importantly, safer. Imagine the possibilities.

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.
    *Open to qualified attendees only.

     

    For more information click here

    Portland Chapter Hosts: NW ISSA Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65
    • Discount to ISSA Members: $50 for ISSA /ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    ISSA Turkey Grand Security Conference

    • Dates: May 11-12, 2012
    • Time: 9:00-6:00
    • Location: Microsoft Turkey Office/Bellavue Recidences Levent-Istanbul
    • Cost: Free
    • Discount to ISSA Members: Free

    Join us at this Middle East security conference hosted in Istanbul by ISSA Istanbul Grand Security.

    For more information about this event click here. To register click here.

    Fourth Annual Los Angeles Information Security Summit: Protect Your Organization from the Growing Cyber Threat

    • Date: May 16, 2012
    • Time: 7:30 AM-7 PM
    • Location: Universal Hilton, Universal City, Los Angeles, California
    • Cost: $199
    • Discount to ISSA Members: $125

    Never before has it been so important for our community to learn about the dangers of cybercrime and what they need to do to protect their organizations from loss. Not just for the information security professional, the Summit will build on our chapter’s tradition of being the only educational forum in Los Angeles specifically designed to encourage participation and interaction among three vital information security constituencies: business leaders, technology professionals and information systems security leaders. Speakers include Alan Paller, Ira Winkler, Chris Coffey, and Lance Spitzner.

    For more information click here

    Central Ohio Chapter Hosts: 2012 Central Ohio InfoSec Summit

    • Dates: May 17-18, 2012
    • Location: Hyatt Regency, Downtown Columbus
    • Cost:  $175 for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus.

    To register for this event click here.

    Denver Chapter Hosts: The Rocky Mountain Information Security Conference

    • Date: May 17-18, 2012
    • Time: Thursday, May 17: 9 AM-7:30 PM; Friday, May 18: 7 AM – 5:30 PM
    • Location: Sheraton Denver Downtown, 1550 Court Pl, Denver, CO
    • Cost:
      Thursday: Optional full day training - $250
      Friday: Main Conference
        Student/Government/Military: $100
        ISSA/ISACA Member: $200
        Non-Member: $250

    The Rocky Mountain Information Security Conference (RMISC) is the only conference of its kind in the Rocky Mountain region. The RMISC is a convenient, affordable knowledge-builder for IT security, audit, and compliance professionals at all levels. The RMISC provides the perfect blend of education, networking, and opportunities that are critical to your success in today’s economy and security climate! Pre-conference full-day workshops provide in-depth training with courses for management, technical, and audit professionals.

    For more information and for registration click here

    Fifth Annual Central Ohio InfoSec Summit

  • Date: May 17-18, 2012
  • Location: Hyatt Regency, Downtown Columbus
  • Pricing: Early Bird Price of $75.00 for: ISSA, ISACA, ISC(2), OWASP, or InfraGard Members - Expires at Midnight on April 30th. Full Price $175.00 after April 30 for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus. Keynote presentations from nationally renowned speakers include: Howard Schmidt, Richard Clarke, Curtis Levinson, Rob Rachwald and William Hagestad, to name a few.

    For registration and more details click here.

    North Alabama Chapter Hosts: 4th Annual Cyber Security Summit

    • Date: June 7, 2012
    • Time: 7 AM- 7 PM
    • Location: Von Braun Convention Center, Huntsville, Alabama

    The North Alabama chapter of ISSA is pleased to announce the 4th Annual North Alabama Cyber Security Summit co-presented by Cyber Huntsville. This one day event attracts 450+ attendees and over 45 exhibitors providing opportunities for business and intellectual engagement among attendees on topics related to Information Assurance and Cyber Security.

    For more information and registration click here.

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass, which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online using code ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. The SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    Infosecurity Montevideo 2012

    • Date: Thursday, May 3, 2012
    • Time: 8:30 AM – 1:00 PM
    • Location: Centro de Convenciones y Eventos de la Torre de los Profesionales, Montevideo, Uruguay
    • Cost: Free

    INFOSECURITY 2012: a Week of Security in Montevideo – Cloud and Mobile Security

    This event covers senior-level strategies for protecting information; cyberwar for corporations; cloud security (protecting information outside of your organization); privacy (a problem without a solution?); and protecting your executives, or protecting yourself from them?

    For more information regarding this event contact the ISSA Uruguay chapter.

    Security Development Conference

    • Date: May 15-16, 2012
    • Location: Washington DC, USA
    • Discount to ISSA Members: $200
    • Discount Code: ISSA@sdc2012%!29

    Industry and government decision makers are increasingly aware that operational security protections and regulatory compliance are insufficient in protecting global applications and infrastructures. Organizations are realizing the value of secure development practices and seek to accelerate adoption and articulate this value to management.

    The inaugural Microsoft Security Development Conference 2012 (SDC 2012) will bring together industry professionals to network and learn from security experts about secure development practices. SDC 2012 will include information for leaders in software engineering, process and business management who are responsible for implementing or accelerating the adoption and effectiveness of secure development practices in their organizations.

    Click here to register and for more information

    ITEC Cyber Security Training & Education Workshop

    • Date: May 23-24, 2012
    • Location: ExCeL Centre, London, UK
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA/ITEC2012

    The first international event to address the training, education and skills development imperatives for cross-sector Cyber Security.

    High profile international speakers include Baroness Pauline Neville-Jones, UK Government Representative to Business on Cyber Security, and Dr. Ernest McDuffie, Lead, US National Initiative for Cybersecurity Education.

    Widely acknowledged as the ‘fifth domain’ of modern warfare, cyber space presents its own unique set of challenges in terms of educating the cyber workforce. Whilst these may be difficult to overcome, they also present an unparalleled opportunity for the public, private and military sectors to forge closer working relationships.

    To register and for more information click here

    SMi Presents the 5th Annual Cyber Defence Conference

  • Date: June 18-19, 2012
  • Location: London
  • Discount to ISSA members: 10%
  • Discount Code: To redeem this offer, please contact Andrew Gibbons: +44 (0) 20 7827 6156 / agibbons@smi-online.co.uk and quote ‘ISSA-005’.

    Cyber Defence 2012 will offer delegates the opportunity to keep up-to-date with the latest developments, challenges and solutions on the cyber defence policy horizon, as well as to network with a fantastic array of international speakers from the cyber defence arena.

    Click here for more details.

    2nd Annual Enterprise Risk Management for Banks and Financial Institutions

  • Dates: June 19-20, 2012
  • Location: New York, NY
  • Cost: $2,695 (End User); $2,995 (Solution Provider/Vendor)
  • Discount to ISSA Members: 10%
  • Discount Code: CHC372

    To register and for more information click here.

    The 2nd Annual ERM for Banks and Financial Institutions Conference will bring together key ERM leaders from a banking and financial services perspective to create an environment for idea sharing, benchmarking, and strategic planning. The conference will aim to help banks move closer towards establishing an effective ERM system by properly using ERM to set risk appetite, embed risk considerations into the business strategy, get a clearer understanding of new regulation and by helping to quantify and aggregate different risk buckets across the enterprise.

    HIPAA Audit Prep BootCamp

    • Chicago, IL, June 25, 2012
    • Nashville, TN, September 12, 2012
    • Ft Lauderdale, FL, December 6, 2012
    • Cost: $595 for first attendee from an organization; $495 for each additional
    • Discount to ISSA Members: $495 for all attendees (discount of $100 for first attendee)

    To register click here.

    Topics covered include: privacy, security and breach regulatory requirements; OCR audit program; best practices for audit preparation; tools to facilitate compliance programs; and practical hands-on exercises.

    For more information click here.

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599
    • Discount to ISSA Members: $300
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference, providing technical security training for large enterprises that rely on System z® from IBM, to ensure the information security of large datacenters and cloud computing implementations. It addresses leading security subjects including cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, and evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers: now accepting submissions for educational sessions, learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

    Data Protection & Privacy Law Compliance

  • Dates: July 17-19, 2012
  • Location: Washington, DC
  • Cost: $2,250
  • Discount to ISSA Members: 10% off
  • Discount Code: CHC377

    This conference will focus on the rapidly changing landscape in privacy compliance and data protection laws. It will evaluate how to implement effective compliance programs within an organization in order to avoid investigation, loss of highly sensitive information, and criminal prosecution. Additionally, the conference will deal with key issues such as unsafe usage of mobile devices, implementing effective incident response plans, various U.S. state laws as they apply to data protection and privacy, monitoring the usage of new technologies, and the effect of the EU data reform framework in the U.S. as well as in other countries.

    To register for this event click here

    ISSA E-News: April 12, 2012

    In this Issue

    1. Nominations for International Awards
    2. ISSA Web Conference – Breach Report Lessons Learned
    3. Industry Webinars
    4. Journal – Call for Articles
    5. ISSA Events and Industry Events


    Make Your Nominations for International Awards by April 18

    Nominations will be accepted from members like you, Chapter Boards, and International Directors until April 18 for the ISSA International Awards.

    • Hall of Fame
    • Honor Roll
    • Security Professional of the Year
    • Volunteer of the Year
    • Organization of the Year
    • Chapters of the Year
    • President’s Award for Public Service

    Send your nomination packages to awards@issa.org no later than Wednesday, April 18, 11:59 p.m. U.S. Pacific time. Use the appropriate nomination forms for each award and review the Awards Policies and Procedures for specific criteria. You can also find a roster of previous recipients on our website. Nominations may be emailed to awards@issa.org or faxed to +206 299 3366. If you have questions please contact ISSA International, 866 349 5818 (toll free within US), +206 388 4584 (international), extension 102.

    ISSA Web Conference - Breach Report: Lessons Learned

    Live Event: April 24, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register


    Web Conference Overview:

    Once again, the new data breach reports are published. Are we, as security professionals, succeeding in protecting our assets? This session will review the latest breach reports, provide insight into current trends, and evaluate potential solutions.

    Industry Webinar - Mobility and the Open Web: Open Standards and Collaboration Redefine Enterprise IT

    Date: Wednesday, April 18, 2012

    Time: 11:30-12:30 PM ET

    Industry Webcast Description:

    Mobility is redefining how employees and customers interact with a company's products, applications and services. To address this technological and market shift, innovative IT organizations must leverage an abundance of resources, including open source components, development frameworks and "open web" technologies. And, perhaps most interesting, enterprises are embracing collaboration and creating their own developer "ecosystems" as a core element of their IT strategy.

    Join Jeffrey Hammond, Principal Analyst, Forrester Research, and Black Duck Software to learn about how to leverage these important trends, technologies and development strategies.

    Click here to view this webinar

    Can't make this date? Register for the event and receive the slides and Webinar recording 48 hours after the Webinar.

    Industry Webinar - Secure Development and Test Environments with Oracle Data Masking

    Industry Webcast Description:

    Many organizations inadvertently breach information when they routinely copy sensitive or regulated production data into non-production environments.

    Join Jagan Athreya, Director of Product Management for Oracle as he discusses how Oracle Data Masking can help safeguard sensitive and valuable information, such as credit card and social security numbers, by replacing them with realistic values using a rich library of masking policies and formats.

    This webinar will feature:

    • How production data can be safely used for development, testing, and sharing with out-source or off-shore partners for non-production purposes.
    • New application data modeling and sensitive data discovery tools from Oracle that can help you identify the critical databases you need to secure.

    Click here to register for this event.

    Journal – Call for Articles: Crypto Update – What’s New and on the Horizon?

    Cryptography is the pillar of information security that keeps prying eyes out of whatever data we wish to secure, be it email, financial transactions, secret recipes, sensitive and personal information, intellectual property – information at rest, on the move, and buried in repositories for perpetuity – providing confidentiality, integrity, non-repudiation, and supporting authentication, securing audit trails, and more. What's working? What is not? What's new on the horizon? What is your organization doing to optimize its use of cryptography? What are you doing to stay ahead? Are you planning to migrate to new cryptosystems or is your current implementation good enough? What type of fall-back plan do you have in place in the event that a new attack makes your cryptosystem unreliable?

    The other side of the cryptosecurity coin is key management. Many would argue that while proof of concept attacks have been demonstrated, the reality is that today’s algorithms are feasibly unbreakable. Today, the most practical vector is attacking the keys and where they reside. Until we learn how to do key management well, it will be harder than it needs to be to protect data. Do you have any stories or experiences that describe key management challenges and how they have been met? If so, tell us.

    Please submit articles by May 7 to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. Click here for more issue theme descriptions.

    ISSA Events

    ISSA CISO Executive Forum

    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    New opportunities abound in the midst of amazing transformations in technology, business, and culture. Inspired by Disney’s innovative vision, the cybersecurity community will gather at the Magic Kingdom on October 25-26 to look at change as a chance to achieve excellence. Disruptions like “big data”, “cloud computing”, massive collaboration, and business transformation make it possible for us to blaze new trails and build effective foundations. We are enabling our work forces to be mobile and productive while protecting sensitive data. We build systems and policies that impede our foes and guard our constituents. This is an exciting time to be in the information security field and we are all vital in making our businesses faster, better, smarter and, most importantly, safer. Imagine the possibilities.

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.

    *Open to qualified attendees only.

    For more information click here

    Portland Chapter Hosts: NW ISSA Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65
    • Discount to ISSA Members: $50 for ISSA /ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    ISSA Turkey Grand Security Conference

    • Dates: May 11-12, 2012
    • Time: 9:00-6:00
    • Location: Microsoft Turkey Office/Bellavue Recidences Levent-Istanbul
    • Cost: Free
    • Discount to ISSA Members: Free

    Join us at this Middle East security conference hosted in Istanbul by ISSA Istanbul Grand Security.

    For more information about this event click here. To register click here.

    Fourth Annual Los Angeles Information Security Summit: Protect Your Organization from the Growing Cyber Threat

    • Date: May 16, 2012
    • Time: 7:30 AM-7 PM
    • Location: Universal Hilton, Universal City, Los Angeles, California
    • Cost: $199
    • Discount to ISSA Members: $125

    Never before has it been so important for our community to learn about the dangers of cybercrime and what they need to do to protect their organizations from loss. Not just for the information security professional, the Summit will build on our chapter’s tradition of being the only educational forum in Los Angeles specifically designed to encourage participation and interaction among three vital information security constituencies: business leaders, technology professionals and information systems security leaders. Speakers include Alan Paller, Ira Winkler, Chris Coffey, and Lance Spitzner.

    For more information click here

    Central Ohio Chapter Hosts: 2012 Central Ohio InfoSec Summit

    • Dates: May 17-18, 2012
    • Location: Hyatt Regency, Downtown Columbus
    • Cost: $175 for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus.

    To register for this event click here

    Denver Chapter Hosts: The Rocky Mountain Information Security Conference

    • Date: May 17-18, 2012
    • Time: Thursday, May 17: 9 AM-7:30 PM; Friday, May 18: 7 AM – 5:30 PM
    • Location: Sheraton Denver Downtown, 1550 Court Pl, Denver, CO
    • Cost:
      Thursday: Optional full day training - $250
      Friday: Main Conference
        Student/Government/Military: $100
        ISSA/ISACA Member: $200
        Non-Member: $250

    The Rocky Mountain Information Security Conference (RMISC) is the only conference of its kind in the Rocky Mountain region. The RMISC is a convenient, affordable knowledge-builder for IT security, audit, and compliance professionals at all levels. The RMISC provides the perfect blend of education, networking, and opportunities that are critical to your success in today’s economy and security climate! Pre-conference full-day workshops provide in-depth training with courses for management, technical, and audit professionals.

    For more information and for registration click here

    North Alabama Chapter Hosts: 4th Annual Cyber Security Summit

    • Date: June 7, 2012
    • Time: 7 AM- 7 PM
    • Location: Von Braun Convention Center, Huntsville, Alabama

    The North Alabama chapter of ISSA is pleased to announce the 4th Annual North Alabama Cyber Security Summit co-presented by Cyber Huntsville. This one day event attracts 450+ attendees and over 45 exhibitors providing opportunities for business and intellectual engagement among attendees on topics related to Information Assurance and Cyber Security.

    For more information and registration click here.

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Houston, April 17-18
    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass, which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online using code ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. The SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    Security Development Conference

    • Date: May 15-16, 2012
    • Location: Washington DC, USA
    • Discount to ISSA Members: $200
    • Discount Code: ISSA@sdc2012%!29

    Industry and government decision makers are increasingly aware that operational security protections and regulatory compliance are insufficient in protecting global applications and infrastructures. Organizations are realizing the value of secure development practices and seek to accelerate adoption and articulate this value to management.

    The inaugural Microsoft Security Development Conference 2012 (SDC 2012) will bring together industry professionals to network and learn from security experts about secure development practices. SDC 2012 will include information for leaders in software engineering, process and business management who are responsible for implementing or accelerating the adoption and effectiveness of secure development practices in their organizations.

    Click here to register and for more information

    ITEC Cyber Security Training & Education Workshop

    • Date: May 23-24, 2012
    • Location: ExCeL Centre, London, UK
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA/ITEC2012

    The first international event to address the training, education and skills development imperatives for cross-sector Cyber Security.

    High profile international speakers include Baroness Pauline Neville-Jones, UK Government Representative to Business on Cyber Security, and Dr. Ernest McDuffie, Lead, US National Initiative for Cybersecurity Education.

    Widely acknowledged as the ‘fifth domain’ of modern warfare, cyber space presents its own unique set of challenges in terms of educating the cyber workforce. Whilst these may be difficult to overcome, they also present an unparalleled opportunity for the public, private and military sectors to forge closer working relationships.

    To register and for more information click here

    SMi Presents the 5th Annual Cyber Defence Conference

  • Date: June 18-19, 2012
  • Location: London
  • Discount to ISSA members: 10%
  • Discount Code: To redeem this offer, please contact Andrew Gibbons: +44 (0) 20 7827 6156 / agibbons@smi-online.co.uk and quote ‘ISSA-005’.

    Cyber Defence 2012 will offer delegates the opportunity to keep up-to-date with the latest developments, challenges and solutions on the cyber defence policy horizon, as well as to network with a fantastic array of international speakers from the cyber defence arena.

    Click here for more details.

    2nd Annual Enterprise Risk Management for Banks and Financial Institutions

  • Dates: June 19-20, 2012
  • Location: New York, NY
  • Cost: $2,695 (End User); $2,995 (Solution Provider/Vendor)
  • Discount to ISSA Members: 10%
  • Discount Code: CHC372

    To register and for more information click here.

    The 2nd Annual ERM for Banks and Financial Institutions Conference will bring together key ERM leaders from a banking and financial services perspective to create an environment for idea sharing, benchmarking, and strategic planning. The conference will aim to help banks move closer towards establishing an effective ERM system by properly using ERM to set risk appetite, embed risk considerations into the business strategy, get a clearer understanding of new regulation and by helping to quantify and aggregate different risk buckets across the enterprise.

    HIPAA Audit Prep BootCamp

    • Chicago, IL, June 25, 2012
    • Nashville, TN, September 12, 2012
    • Ft Lauderdale, FL, December 6, 2012
    • Cost: $595 for first attendee from an organization; $495 for each additional
    • Discount to ISSA Members: $495 for all attendees (discount of $100 for first attendee)

    To register click here.

    Topics covered include: privacy, security and breach regulatory requirements; OCR audit program; best practices for audit preparation; tools to facilitate compliance programs; and practical hands-on exercises.

    For more information click here.

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599
    • Discount to ISSA Members: $300
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference, providing technical security training for large enterprises that rely on System z® from IBM, to ensure the information security of large datacenters and cloud computing implementations. It addresses leading security subjects including cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, and evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers: now accepting submissions for educational sessions, learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

    ISSA E-News: April 26, 2012

    In this Issue

    1. New Logo Unveiled for ISSA International
    2. Spring Selection Cycle Opens for Senior Member and Fellows
    3. Meet the Candidates for Your International Board of Directors
    4. Journal Author Receives National Writing Award
    5. ISSA Web Conference
    6. Journal – Call for Articles
    7. ISSA Events and Industry Events

    Sponsored by:


    Discover overlooked aspects of securing SharePoint environments, including best practices to help ensure the proper balance between user convenience and securing sensitive information.

    New Logo Unveiled for ISSA International

    As security professionals, we live in an ever-evolving world. Our field is growing while gaining visibility and stature. Our career paths have been guided through our affiliation with ISSA. We have developed our expertise and become leaders in our specialties. As a result, last week the International Board of Directors approved a new logo that reflects our current forward-looking security community and complements the recently-adopted tagline “Developing and Connecting Cybersecurity Leaders Globally.” The new visual identity retains the familiarity that many associate with ISSA international. The new tagline and logo are our way of evolving with you, the information security expert, and those flocking to our profession.

    Watch for the fresh look in next week’s issue of the ISSA Journal. New membership pins are coming soon.

    Spring Selection Cycle Opens for Senior Member and Fellows

    Applications for Senior Member and nominations for Fellow and Distinguished Fellow are currently open and will be accepted until June 14, 2012 at 11:59 p.m. US Pacific time. The submission guidelines and forms have been updated for this selection cycle; please consult the Fellow Program Guidelines and use the current forms to ensure you comply with all requirements.

    The Fellow Program recognizes sustained membership and contributions to the profession. No more than 1% of members may hold Distinguished Fellow status at any given time. Fellow status will be limited to a maximum of 2% of the membership. There is no limitation on the number of members who may be granted Senior Member status.

    If you have questions, please contact fellow@issa.org.

    Meet the Candidates for Your International Board of Directors

    Sixteen of your colleagues have been nominated as candidates for your International Board of Directors and are willing to give of their time to ensure ISSA continually strives to serve you better. Three candidates for International President and 13 for five Director positions were announced this week by Patricia Myers, chair of the Nominating and Election Committee.

    President

  • Debbie Christofferson
  • Dave Cullinane
  • Ira Winkler

    Directors

  • Candy Alexander
  • Eric Cowperthwaite
  • Mary Ann Davidson
  • John Dickson
  • Garrett Felix
  • Rick Moy
  • Michael Peters
  • Nils Puhlmann
  • Brian Schultz
  • Glenn Tenney
  • Roy Wilkinson
  • Vern Williams
  • Stefano Zanero

    Watch for your unique voter credentials on June 1. To vote you must be a General, CISO Executive, Lifetime and assigned Corporate, or Government Organizational member in good standing and have a current email address in your membership profile.

    Journal Author Receives National Writing Award

    ISSA Senior Member and toolsmith author Russ McRee has been awarded the American Society of Journalists and Authors (ASJA) 2012 Outstanding Articles Award – Honorable Mention for “Memory Analysis with DumpIt and Volatility,” ISSA Journal, September 2011.

    “I am very pleased to have received Honorable Mention from ASJA,” stated McRee. “The toolsmith column in the Journal is successful in large part thanks to the dedication and zeal of the tool developers and their commitment to making the Internet and computing environments safer. I learn much from them in the process and hope it is conveyed to the readership in that light.”

    McRee has been writing the toolsmith column monthly since October 2006, exploring a vast array of security tools while infusing the tireless pursuit of the bad guys with passion and wit. “Much appreciation is owed to the ISSA Journal for years of support and guidance,” added McRee. “Recognition by the ASJA makes what is already my privilege all the more rewarding.”

    ASJA was founded in 1948 and serves as a professional organization of independent nonfiction writers, currently with more than 1400 members. "Prize-winning entries in the ASJA Awards reflect such writing and stylistic excellence that we authors read them and think ‘I wish I'd written that!’"[1] said Salley Shannon, ASJA's president. "We created the awards not just to honor outstanding work, but to inspire us."

    Congratulations, Russ

    [1] ASJA 2012 Awards – http://www.asja.org/media/nr120323.php.

    ISSA Web Conference - You've Got Humans on Your Network: Securing the End User

    Live Event: May 22, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register

    Web Conference Overview:

    Even the best technology can be circumvented; all it takes is timing and a good story. Melissa, I Love You, The World’s Best Virus Scanner: what do these all have in common? They all circumvented security by tricking the users. As technology improves and the value of circumvention increases, the weakest link will become the end user – and don’t kid yourself, APT has proven they will be targeted. This session will discuss the human element and its impact on security.

    Journal Call for Articles: July - Standards, Compliance, and Governance

    Governance is the framework by which executive management manages and controls organizational activities to achieve goals and objectives as well as comply with relevant laws and regulations. Implementing a framework is a challenging task since there is no "one-size-fits-all" approach, and each organization must incorporate IT and Security into its organizational governance approach. The framework is reflected in leadership styles, organizational structures, supporting processes and standards, industries, and accountability for the actions taken.

    For a full description click here.

    Please submit articles by June 1 to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. Click here for more issue theme descriptions.

    ISSA Events and Industry Events

    ISSA CISO Executive Forum

    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals, reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    New opportunities abound in the midst of amazing transformations in technology, business, and culture. Inspired by Disney’s innovative vision, the cybersecurity community will gather at the Magic Kingdom on October 25-26 to look at change as a chance to achieve excellence. Disruptions like “big data”, “cloud computing”, massive collaboration, and business transformation make it possible for us to blaze new trails and build effective foundations. We are enabling our work forces to be mobile and productive while protecting sensitive data. We build systems and policies that impede our foes and guard our constituents. This is an exciting time to be in the information security field and we are all vital in making our businesses faster, better, smarter and, most importantly, safer. Imagine the possibilities.

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.
    *Open to qualified attendees only.

     

    For more information click here

    Portland Chapter Hosts: NW ISSA Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65
    • Discount to ISSA Members: $50 for ISSA/ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    ISSA Turkey Grand Security Conference

    • Dates: May 11-12, 2012
    • Time: 9:00-6:00
    • Location: Microsoft Turkey Office/Bellavue Residences Levent-Istanbul
    • Cost: Free
    • Discount to ISSA Members: Free

    Join us at this Middle East security conference hosted in Istanbul by ISSA Istanbul Grand Security.

    For more information about this event click here. To register click here.

    Fourth Annual Los Angeles Information Security Summit: Protect Your Organization from the Growing Cyber Threat

    • Date: May 16, 2012
    • Time: 7:30 AM-7 PM
    • Location: Universal Hilton, Universal City, Los Angeles, California
    • Cost: $199
    • Discount to ISSA Members: $125

    Never before has it been so important for our community to learn about the dangers of cybercrime and what they need to do to protect their organizations from loss. Not just for the information security professional, the Summit will build on our chapter’s tradition of being the only educational forum in Los Angeles specifically designed to encourage participation and interaction among three vital information security constituencies: business leaders, technology professionals and information systems security leaders. Speakers include Alan Paller, Ira Winkler, Chris Coffey, and Lance Spitzner.

    For more information click here

    Central Ohio Chapter Hosts: 2012 Central Ohio InfoSec Summit

    • Dates: May 17-18, 2012
    • Location: Hyatt Regency, Downtown Columbus
    • Cost: $175 for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus.

    To register for this event click here.

    Denver Chapter Hosts: The Rocky Mountain Information Security Conference

    • Date: May 17-18, 2012
    • Time: Thursday, May 17: 9 AM-7:30 PM; Friday, May 18: 7 AM – 5:30 PM
    • Location: Sheraton Denver Downtown, 1550 Court Pl, Denver, CO
    • Cost:
      Thursday: Optional full day training - $250
      Friday: Main Conference
      Student/Government/Military: $100
      ISSA/ISACA Member: $200
      Non-Member: $250

    The Rocky Mountain Information Security Conference (RMISC) is the only conference of its kind in the Rocky Mountain region. The RMISC is a convenient, affordable knowledge-builder for IT security, audit, and compliance professionals at all levels. The RMISC provides the perfect blend of education, networking, and opportunities that are critical to your success in today’s economy and security climate! Pre-conference full-day workshops provide in-depth training with courses for management, technical, and audit professionals.

    For more information and for registration click here

    Fifth Annual Central Ohio InfoSec Summit

  • Date: May 17-18, 2012
  • Location: Hyatt Regency, Downtown Columbus
  • Pricing: Early Bird Price of $75.00 for: ISSA, ISACA, ISC(2), OWASP, or InfraGard Members - Expires at Midnight on April 30th. Full Price $175.00 after April 30 for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus. Keynote presentations from nationally renowned speakers include: Howard Schmidt, Richard Clarke, Curtis Levinson, Rob Rachwald and William Hagestad, to name a few.

    For registration and more details click here.

    North Alabama Chapter Hosts: 4th Annual Cyber Security Summit

    • Date: June 7, 2012
    • Time: 7 AM- 7 PM
    • Location: Von Braun Convention Center, Huntsville, Alabama

    The North Alabama chapter of ISSA is pleased to announce the 4th Annual North Alabama Cyber Security Summit co-presented by Cyber Huntsville. This one day event attracts 450+ attendees and over 45 exhibitors providing opportunities for business and intellectual engagement among attendees on topics related to Information Assurance and Cyber Security.

    For more information and registration click here.

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online using code ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    Infosecurity Montevideo 2012

    • Date: Thursday, May 3, 2012
    • Time: 8:30 AM – 1:00 PM
    • Location: Centro de Convenciones y Eventos de la Torre de los Profesionales, Montevideo, Uruguay
    • Cost: Free

    INFOSECURITY 2012 a Week of Security in Montevideo – Cloud and Mobile Security
    This event includes senior level strategies for protecting information, cyberwar for corporations, cloud security – protecting information outside of your organization, privacy – a problem without a solution?, protecting your executives or protecting yourself from them?

    For more information regarding this event contact the ISSA Uruguay chapter.

    Security Development Conference

    • Date: May 15-16, 2012
    • Location: Washington DC, USA
    • Discount to ISSA Members: $200
    • Discount Code: ISSA@sdc2012%!29

    Industry and government decision makers are increasingly aware that operational security protections and regulatory compliance are insufficient in protecting global applications and infrastructures. Organizations are realizing the value of secure development practices and seek to accelerate adoption and articulate this value to management.

    The inaugural Microsoft Security Development Conference 2012 (SDC 2012) will bring together industry professionals to network and learn from security experts about secure development practices. SDC 2012 will include information for leaders in software engineering, process and business management who are responsible for implementing or accelerating the adoption and effectiveness of secure development practices in their organizations.

    Click here to register and for more information

    ITEC Cyber Security Training & Education Workshop

    • Date: May 23-24, 2012
    • Location: ExCeL Centre, London, UK
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA/ITEC2012

    The first international event to address the training, education and skills development imperatives for cross-sector Cyber Security.

    High profile international speakers include Baroness Pauline Neville-Jones, UK Government Representative to Business on Cyber Security, and Dr. Ernest McDuffie, Lead, US National Initiative for Cybersecurity Education.

    Widely acknowledged as the ‘fifth domain’ of modern warfare, cyber space presents its own unique set of challenges in terms of educating the cyber workforce. Whilst these may be difficult to overcome, they also present an unparalleled opportunity for the public, private and military sectors to forge closer working relationships.

    To register and for more information click here

    SMi Presents the 5th Annual Cyber Defence Conference

  • Date: June 18-19, 2012
  • Location: London
  • Discount to ISSA members: 10%
  • Discount Code: To redeem this offer, please contact Andrew Gibbons: +44 (0) 20 7827 6156 / agibbons@smi-online.co.uk and quote ‘ISSA-005’.

    Cyber Defence 2012 will offer delegates the opportunity to keep up-to-date with the latest developments, challenges and solutions on the cyber defence policy horizon, as well as to network with a fantastic array of international speakers from the cyber defence arena.

    Click here for more details.

    2nd Annual Enterprise Risk Management for Banks and Financial Institutions

  • Dates: June 19-20, 2012
  • Location: New York, NY
  • Cost: $2,695 (End User); $2,995 (Solution Provider/Vendor)
  • Discount to ISSA Members: 10%
  • Discount Code: CHC372

    To register and for more information click here.

    The 2nd Annual ERM for Banks and Financial Institutions Conference will bring together key ERM leaders from a banking and financial services perspective to create an environment for idea sharing, benchmarking, and strategic planning. The conference will aim to help banks move closer towards establishing an effective ERM system by properly using ERM to set risk appetite, embed risk considerations into the business strategy, get a clearer understanding of new regulation and by helping to quantify and aggregate different risk buckets across the enterprise.

    HIPAA Audit Prep BootCamp

    • Chicago, IL, June 25, 2012
    • Nashville, TN, September 12, 2012
    • Ft Lauderdale, FL, December 6, 2012
    • Cost: $595 for first attendee from an organization; $495 for each additional
    • Discount to ISSA Members: $495 for all attendees (discount of $100 for first attendee)

    To register click here.

    Topics covered include: privacy, security and breach regulatory requirements; OCR audit program; best practices for audit preparation; tools to facilitate compliance programs; and practical hands-on exercises.

    For more information click here.

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599
    • Discount to ISSA Members: $300
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference providing technical security training for large enterprises that rely on System z® from IBM to ensure the information security of large datacenters and cloud computing implementations. It addresses leading security subjects including cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, and evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers - now accepting submissions for educational sessions, learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

    Data Protection & Privacy Law Compliance

  • Dates: July 17-19, 2012
  • Location: Washington, DC
  • Cost: $2,250
  • Discount to ISSA Members: 10% off
  • Discount Code: CHC377

    This conference will focus on the rapidly changing landscape in privacy compliance and data protection laws. It will evaluate how to implement effective compliance programs within an organization in order to avoid investigation, loss of highly sensitive information, and criminal prosecution. Additionally, the conference will deal with key issues such as unsafe usage of mobile devices, implementing effective incident response plans, various U.S. state laws as they apply to data protection and privacy, monitoring the usage of new technologies, and the effect of the EU data reform framework in the U.S. as well as in other countries.

    To register for this event click here

    ISSA E-News: March 22, 2012

    In this Issue

    1. ISSA International Conference – Call for Speakers Deadline March 29
    2. March 27 ISSA Web Conference - Security and Legislation
    3. Make Your Nominations for International Awards
    4. Industry Webinars
    5. Journal – Call for Articles
    6. ISSA Events and Industry Events

    Sponsor

    CA Technologies builds upon its Content-Aware Identity and Access Management vision with the launch of a security solution for Microsoft® SharePoint®.



    ISSA International Conference – Call for Speakers Deadline March 29


    October 25-26, 2012
    Disneyland Hotel – Anaheim, CA
    Theme: The Magic Kingdom - Embracing a Changing World
    Speaker Submissions Due: March 29

    New opportunities abound in the midst of amazing transformations in technology, business, and culture. Inspired by Disney’s innovative vision, the cybersecurity community will gather at the Magic Kingdom on October 25-26 to look at change as a chance to achieve excellence. Disruptions like “big data”, “cloud computing”, massive collaboration, and business transformation make it possible for us to blaze new trails and build effective foundations. This is an exciting time to be in the information security field and we are all vital in making our businesses faster, better, smarter and, most importantly, safer.

    Please consider lending your expertise and experience to this world class event. Call for speaker details are available online.

    ISSA Web Conference - Security and Legislation

    Live Event: March 27, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register

    Web Conference Overview:

    As technology evolves so do usage and threat models. As these threats advance, they bring to the forefront questions of liability and mitigation. In the end, as security professionals, we are required to deal with new – or even old - laws that must be applied to outdated usage models. This session will explore evolving laws in the context of technological advancements and actions we can take to ensure we are compliant.

    Make Your Nominations for the International Awards

    Nominations are now being accepted for the ISSA International Awards. You, as a member in good standing, are eligible to propose candidates for:

     

    Honorees will receive their awards at the ISSA International Conference in Anaheim in October.

    Anyone interested in submitting candidates should review the Awards Policies and Procedures, the appropriate nomination forms and roster of previous recipients. Nominations may be emailed to awards@issa.org or faxed to +206 299 3366 no later than Wednesday, April 18, 11:59 p.m. U.S. Pacific time. If you have questions please contact ISSA International, 866 349 5818 (toll free within US), +206 388 4584 (international), extension 102.

    Industry Webinar

    Secure Development and Test Environments with Oracle Data Masking

    Industry Webcast Description:

    Many organizations inadvertently breach information when they routinely copy sensitive or regulated production data into non-production environments.

    Join Jagan Athreya, Director of Product Management for Oracle, as he discusses how Oracle Data Masking can help safeguard sensitive and valuable information, such as credit card and social security numbers, by replacing them with realistic values using a rich library of masking policies and formats.

    This webinar will feature:

    • How production data can be safely used for development, testing, and sharing with out-source or off-shore partners for non-production purposes.
    • New application data modeling and sensitive data discovery tools from Oracle that can help you identify the critical databases you need to secure.
    Click here to register for this event.

     

    Journal Call for Articles: May – Security Architecture

    Systems and applications typically do not exist in isolation, certainly not in the commercial sectors where many of us work. Thus, we must consider the context where these systems and applications exist. That context can be described as a security architecture and governance framework. These enable the various security controls we design, implement, and manage to function in a holistic and cohesive manner and in accordance with a security policy.

    Developing a security architecture and associated governance framework often involves a risk analysis-based process. This must take into consideration the business and technical requirements that an organization must address in conjunction with evaluating the potential threats, risks, and vulnerabilities. Often formalized methods are used to develop a security architecture. The ISO 27001 and ISO 27002 standards, for example, provide guidance on how to create an Information Security Management System using different security control objectives; NIST 800-53 takes a similar approach.

    The ISSA Journal Editorial Advisory Board would like to hear from you regarding your experience with security architecture. What approach is the most successful in your environment? What methodology do you use? Do you use a risk-based approach or something else? How do you measure the success of your security architecture? What works? What doesn't?

    Due Date: April 1, 2012

    For more information on how to submit an article click here.

    ISSA and Industry Events

    ISSA CISO Executive Forum

    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals, reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for membership criteria.

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.
    *Open to qualified attendees only.

    If you have questions about the Conference, please email conference customer service.

    For more information click here

     

    Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

    The Raleigh ISSA Chapter is holding an (ISC)2 CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

    • Dates: Saturdays, March 10, 17, 24, 2012
    • Time: 8 AM - 3 PM
    • Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

    Cost for all three sessions (includes breakfast, lunch and refreshments):

    • $50 ISSA
    • $75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
    • $100 for all others
    • No Refunds

    Required student resources:

    • Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)2 Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
    • Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
    • Forum: See the http://cccure.org/ Web site for answers to your questions and more.

    To register and for more information click here

    Utah Chapter Hosts: Infrastructure Vulnerabilities & Defenses and Their Impact on Business

    • Date: Wednesday, March 28, 2012
    • Location: Thanksgiving Point (Garden Room), Lehi, UT (I-15, exit 284)

    Presenters:

    • Attacking and Defending the Smart Grid - Justin Searle, Managing Partner of UtiliSec
    • John Hunter, IT Director, South Valley Water
    • Dr. Dale Rowe, Brigham Young University

    Schedule:

    • 8:45 AM welcome
    • 9:00 Introduction of speakers
    • 12:00 Luncheon
    • 13:00 Event ends

    To register and for more information click here

    Phoenix Chapter Hosts: Q2/12 Quarterly Training Forum

    • Date: Tuesday, April 3, 2012
    • Time: 11:30 AM – 5 PM: Sign-in, Pickup Lunch, and Networking
    • Location: ITT Technical Institute 5005 W. Wendler Dr., Tempe, AZ 85282 (NW Corner, I-10 & Baseline, Across from Fry's Electronics)
    • Event Cost: Entrance is free to ISSA members when they pre-register. Walk-ins, guests, and non-ISSA members $25. Bring your peers and managers—guests are welcome anytime.

    Please join us! Our speakers represent security leaders in different industries who will share their insights and expertise. Stay on top of an ever-changing field with leading edge content. Lunch and snacks provided by ITT. Earn 4 hours CPE credits for certification maintenance (we provide the certificate if you preregister). Meet and network with other security professionals. Win great door prizes!

    For event details and registration click here

    For additional event details please contact: Charles McCarthy, Phoenix ISSA Program Director

    Rainier Chapter Member Meeting

  • April 3, 2011
  • Time: 6:00 PM
  • Location: UW Tacoma, Tacoma Board Room. For directions click here
  • Cost: Free for members and prospective members

    The Rainier Chapter member meetings include presentations about various areas of security. Our goal is to help security professionals to stay up to date with current security trends.

    This month we are welcoming Eve Maler from Forrester Research.

    Eve is a principal analyst serving security & risk professionals. She is an expert on emerging identity and security solutions, identity federation, consumer-facing identity and web access management, distributed authorization, privacy enhancement, and web services security.

    The topic this month:

    The Security Assertion Markup Language (SAML) has been king of the federated identity hill for a decade, but there are mountains of use cases it doesn't answer well: mobile SSO, agile partnering, trust relationships, social sign-in, the long tail of SaaS services, and more. What are the stress points? What has rushed in to fill the gap? How can we prepare for identity and access management in a “Zero Trust” world? We'll take a look at the past, present, and future of SAML and its cousins in the world of loosely coupled identity.

    Lima, Perú Chapter Hosts: Cyber Security Government – PERÚ 2012

  • Date: April 12, 2012
  • Time: 8:30 AM - 6:00 PM
  • Location: Swissôtel - Lima - Vía Central 150 | Centro Empresarial Real - San Isidro | Lima 27 - Perú
  • Cost: Free
  • This is the foremost information security event throughout Latin America with a governmental focus. This event includes intensive sessions with the opportunity to connect with professionals and industry practitioners.

    For more information click here

    Portland Chapter Hosts: NW ISSA Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65
    • Discount to ISSA Members: $50 for ISSA/ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    Fourth Annual Los Angeles Information Security Summit: Protect Your Organization from the Growing Cyber Threat

    • Date: May 16, 2012
    • Time: 7:30 AM-7 PM
    • Location: Universal Hilton, Universal City, Los Angeles, California
    • Cost: $199
    • Discount to ISSA Members: $125

    Never before has it been so important for our community to learn about the dangers of cybercrime and what they need to do to protect their organizations from loss. Not just for the information security professional, the Summit will build on our chapter’s tradition of being the only educational forum in Los Angeles specifically designed to encourage participation and interaction among three vital information security constituencies: business leaders, technology professionals and information systems security leaders. Speakers include Alan Paller, Ira Winkler, Chris Coffey, and Lance Spitzner.

    For more information click here

    Central Ohio Chapter Hosts: 2012 Central Ohio InfoSec Summit

    • Dates: May 17-18, 2012
    • Location: Hyatt Regency, Downtown Columbus
    • Cost: Early Bird Price of $75 for: ISSA, ISACA, ISC(2), OWASP, or InfraGard Members - Expires at Midnight on March 31st -- Full Price $175 after March 31st for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, downtown Columbus.

    To register for this event click here

    Denver Chapter Hosts: The Rocky Mountain Information Security Conference

    • Date: May 17-18, 2012
    • Time: Thursday, May 17: 9 AM-7:30 PM; Friday, May 18: 7 AM – 5:30 PM
    • Location: Sheraton Denver Downtown, 1550 Court Pl, Denver, CO
    • Cost: Thursday: Optional full day training - $250

      Friday: Main Conference

      Student/Government/Military: $100

      ISSA/ISACA Member: $150 (early), $200 (after 3/30)

      Non-Member: $200 (early), $250 (after 3/30)

    The Rocky Mountain Information Security Conference (RMISC) is the only conference of its kind in the Rocky Mountain region. The RMISC is a convenient, affordable knowledge-builder for IT security, audit, and compliance professionals at all levels. The RMISC provides the perfect blend of education, networking, and opportunities that are critical to your success in today’s economy and security climate! Pre-conference full-day workshops provide in-depth training with courses for management, technical, and audit professionals.

    For more information and for registration click here

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Boston, March 28-29
    • Atlanta, April 10-11
    • Houston, April 17-18
    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass, which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online using code ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. The SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    EdTechDay 2012 Southern Tier of New York

    • Date: March 22, 2012
    • Time: 9 AM - 4 PM
    • Location: Ithaca College
    • Cost: Free

    This regional technology event will focus on education. For more information and for registration click here

    Payment Technology & Risk Forum 2012 – Beirut

    • Dates: March 27-28, 2012
    • Time: 9:00 AM-5:00 PM on both days
    • Location: Beirut, Lebanon
    • Cost: $750 USD
    • Discount to ISSA Members: 10% discount

    The Payment Technology & Risk Forum 2012 is designed for card payments and IT experts focused on managing and implementing payment systems. The forum covers key industry developments from both management and technical perspectives. Delegates who attend this forum will find many myths dispelled and be equipped with clear and practical guidance.

    For information and more details click here

    ITEC Cyber Security Training & Education Workshop

    • Date: May 23-24, 2012
    • Location: ExCeL Centre, London, UK
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA/ITEC2012

    The first international event to address the training, education and skills development imperatives for cross-sector Cyber Security.

    High profile international speakers include Baroness Pauline Neville-Jones, UK Government Representative to Business on Cyber Security, and Dr. Ernest McDuffie, Lead, US National Initiative for Cybersecurity Education.

    Widely acknowledged as the ‘fifth domain’ of modern warfare, cyber space presents its own unique set of challenges in terms of educating the cyber workforce. Whilst these may be difficult to overcome, they also present an unparalleled opportunity for the public, private and military sectors to forge closer working relationships.

    To register and for more information click here

    SMi Presents the 5th Annual Cyber Defence Conference

  • Date: June 18-19, 2012
  • Location: London
  • Discount to ISSA members: 10%
  • Discount Code: To redeem this offer, please contact Andrew Gibbons: +44 (0) 20 7827 6156 / agibbons@smi-online.co.uk and quote ‘ISSA-005’.
  • Cyber Defence 2012 will offer delegates the opportunity to keep up-to-date with the latest developments, challenges and solutions on the cyber defense policy horizon, as well as to network with a fantastic array of international speakers from the cyber defense arena.

    Click here for more details.

    2nd Annual Enterprise Risk Management for Banks and Financial Institutions

  • Dates: June 19-20, 2012
  • Location: New York, NY
  • Cost: $2,695 (End User); $2,995 (Solution Provider/Vendor)
  • Discount to ISSA Members: 10%
  • Discount Code: CHC372
  • To register and for more information click here.

    The 2nd Annual ERM for Banks and Financial Institutions Conference will bring together key ERM leaders from a banking and financial services perspective to create an environment for idea sharing, benchmarking, and strategic planning. The conference will aim to help banks move closer towards establishing an effective ERM system by properly using ERM to set risk appetite, embed risk considerations into the business strategy, get a clearer understanding of new regulation and by helping to quantify and aggregate different risk buckets across the enterprise.

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599
    • Discount to ISSA Members: $300
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference providing technical security training for large enterprises that rely on System z® from IBM. To ensure the information security of large datacenters and cloud computing implementations, we address leading security subjects including: cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers: now accepting submissions for educational sessions, learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

     

    ISSA E-News: March 8, 2012

    In this Issue

    1. March 15 Deadline: Nominations for International Board Election
    2. ISSA International Conference – Call for Speakers
    3. International Awards Nominations Open to All Members
    4. ISSA Web Conference Security and Legislation
    5. ISSA and Industry Events


    March 15 Deadline: Nominations for International Board Election

    There is just one week left to submit your nominations for the June election of the International Board of Directors. All nominations must be received by 11:59 p.m. on March 15. The International President and five directors will be elected to lead the association for the next two years.

    Anyone interested in being nominated should thoroughly review the election guidelines. Information on the responsibilities of the International Board of Directors can also be found in Article VI of the ISSA By-Laws.

    Required documents and instructions on the nomination process are available on Connect. Nomination packages should be sent to electionchair@issa.org or faxed to +206 299 3366. If you have questions, call ISSA headquarters, 866 349 5818 (toll free within the US), +1 206 388 4584 (international), extension 102.

    ISSA International Conference – Call for Speakers

    October 25-26, 2012
    Disneyland Hotel – Anaheim, CA
    Theme: The Magic Kingdom - Embracing a Changing World
    Speaker Submissions Due: March 29

    New opportunities abound in the midst of amazing transformations in technology, business, and culture. Inspired by Disney’s innovative vision, the cybersecurity community will gather at the Magic Kingdom on October 25-26 to look at change as a chance to achieve excellence. Disruptions like “big data”, “cloud computing”, massive collaboration, and business transformation make it possible for us to blaze new trails and build effective foundations. We are enabling our work forces to be mobile and productive while protecting sensitive data. We build systems and policies that impede our foes and guard our constituents. This is an exciting time to be in the information security field and we are all vital in making our businesses faster, better, smarter and, most importantly, safer. Imagine the possibilities.

    Please consider lending your expertise and experience to this world class event. Call for speaker details are available online.

    International Awards Nominations Open to All Members

    A new “Volunteer of the Year” award, opening nominations to all members and cash awards for Chapters of the Year are among the changes made to the International Awards for 2012. Beginning this week, any member in good standing is eligible to propose candidates for:

  • Hall of Fame: pays homage to an individual’s exceptional qualities of leadership in their own career and organization as well as an exemplary commitment to the information security profession. (ISSA membership not required.)
  • Honor Roll: recognizes an individual’s sustained contributions to the information security community, the advancement of the association, and enhancement of the professionalism of the association’s membership.
  • Security Professional of the Year: honors the member who best exemplifies the most outstanding standards and achievement in information security in the preceding year.
  • Volunteer of the Year: recognizes a member who has made a significant difference to their chapter, the association, or the information security community through dedicated and selfless service to ISSA.
  • Chapters of the Year: rewards chapters that have done an exceptional job of serving their members, advancing the field, and supporting ISSA’s mission.
    • Nominees will be evaluated on their activities and programs in six areas: member services, membership development, projects and special events, development of the next generation of security professionals, communications and marketing, and participation and support of ISSA International initiatives and programs.
    • Three awards will be given based on size: less than 100 members, 100-200 members, more than 200 members.
    • Chapters of the Year will each receive $500 toward a member appreciation event or a donation in the chapter’s name to a scholarship fund of the winner’s choice.
  • Organization of the Year: acknowledges an organization which has provided a sustained, proactive presence that directly contributed to the overall good and professionalism of the Association and its membership, providing services, products, and/or direct support that ensures the promotion of the highest ethical standards in addressing information security and its future direction.
  • President’s Award for Public Service: honors an individual’s contribution to the information security profession in the area of public service.
  • In addition to having their awards presented at the ISSA International Conference in Anaheim in October, winners receive travel, lodging and complimentary registration.

    Who would you like to see recognized? Anyone interested in submitting candidates should review the Awards Policies and Procedures and the appropriate nomination forms. Nominations may be emailed to awards@issa.org or faxed to +206 299 3366 no later than 11:59 p.m. U.S. Pacific time on Wednesday, April 18. If you have questions please contact ISSA International, 866 349 5818 (toll free within US), +206 388 4584 (international), extension 102.

    ISSA Web Conference Security and Legislation

    Live Event: March 27, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here for more information

    Web Conference Overview:

    As technology evolves so do usage and threat models. As these threats advance, they bring to the forefront questions of liability and mitigation. In the end, as security professionals, we are required to deal with new – or even old - laws that must be applied to outdated usage models. This session will explore evolving laws in the context of technological advancements and actions we can take to ensure we are compliant.

    ISSA and Industry Events

     

    ISSA CISO Executive Forum

    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.
    *Open to qualified attendees only.

    If you have questions about the Conference please email: conference customer service.

    For more information click here

     

    South Florida Chapter Presents: Taking Security Seriously?!

  • Date: Friday, March 9, 2012
  • Time: 7:30 AM-6:00 PM
  • Location: Signature Grand, Ft. Lauderdale, FL
  • This event will host keynote speaker Dave Aitel. Members will have an opportunity to attend more than ten speaking sessions, network with peers, and engage in multiple breakout sessions.

    Click here to register for this event.

    For more information and a complete agenda click here.

    Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

    The Raleigh ISSA Chapter is holding an (ISC)2 CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

    • Dates: Saturdays, March 10, 17, 24, 2012
    • Time: 8 AM - 3 PM
    • Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

    Cost for all three sessions (includes breakfast, lunch and refreshments):

    • $50 ISSA
    • $75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
    • $100 for all others
    • No Refunds

    Required student resources:

    • Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)2 Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
    • Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
    • Forum: See the http://cccure.org/ Web site for answers to your questions and more.

    To register and for more information click here

    Phoenix Chapter Hosts: Q2/12 Quarterly Training Forum

    • Date: Tuesday, April 3, 2012
    • Time: 11:30 AM – 5 PM: Sign-in, Pickup Lunch, and Networking
    • Location: ITT Technical Institute 5005 W. Wendler Dr., Tempe, AZ 85282 (NW Corner, I-10 & Baseline, Across from Fry's Electronics)
    • Event Cost: Entrance is free to ISSA Members when they Pre-register. Walk-ins, Guests, and Non-ISSA Members $25. Bring your peers and managers—guests are welcome anytime.

    Please join us! Our speakers represent security leaders in different industries who will share their insights and expertise. Stay on top of an ever-changing field with leading edge content. Lunch and snacks provided by ITT. Earn 4 hours CPE credits for certification maintenance (we provide the certificate if you preregister). Meet and network with other security professionals. Win great door prizes!

    For event details and registration click here

    For additional event details please contact: Charles McCarthy, Phoenix ISSA Program Director

    Portland Chapter Hosts: NW ISSA Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65
    • Discount to ISSA Members: $50 for ISSA/ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    Central Ohio Chapter Hosts: 2012 Central Ohio InfoSec Summit

    • Dates: May 17-18, 2012
    • Location: Hyatt Regency, Downtown Columbus
    • Cost: Early Bird Price of $75 for: ISSA, ISACA, ISC(2), OWASP, or InfraGard Members - Expires at Midnight on March 31st -- Full Price $175 after March 31st for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus.

    To register for this event click here

    Denver Chapter Hosts: The Rocky Mountain Information Security Conference

    • Date: May 17-18, 2012
    • Time: Thursday, May 17: 9 AM-7:30 PM; Friday, May 18: 7 AM – 5:30 PM
    • Location: Sheraton Denver Downtown, 1550 Court Pl, Denver, CO
    • Cost: Thursday: Optional full day training - $250

      Friday: Main Conference

      Student/Government/Military: $100

      ISSA/ISACA Member: $150 (early), $200 (after 3/30)

      Non-Member: $200 (early), $250 (after 3/30)

    The Rocky Mountain Information Security Conference (RMISC) is the only conference of its kind in the Rocky Mountain region. The RMISC is a convenient, affordable knowledge-builder for IT security, audit, and compliance professionals at all levels. The RMISC provides the perfect blend of education, networking, and opportunities that are critical to your success in today’s economy and security climate! Pre-conference full-day workshops provide in-depth training with courses for management, technical, and audit professionals.

    For more information and for registration click here

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Boston, March 28-29
    • Atlanta, April 10-11
    • Houston, April 17-18
    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass, which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online using code ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. The SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    Sophos Hosts: Anatomy of an Attack: How Hackers Threaten Your Security

    • Date: March 14, 2012
    • Time: 10:00 AM – 2:30 PM
    • Location: Portland Marriott- Downtown Waterfront, 1401 SW Naito Parkway, Portland, OR 97201
    • Cost: Free to ISSA members

    Are you concerned that a malware attack will put your business at risk? Learn how today's cybercriminals target your computer, identity and money and get practical advice on how to combat anything that comes your way. Sophos security experts Chester Wisniewski and John Shier will explore how malware threats actually work and what you can do to protect your company today.

    Click here to register for this event.

    5th Annual Enterprise Risk Management Conference

    • Dates: March 19-21, 2012
    • Location: Chicago, IL
    • Cost: $2,695 – End-user, $2,995 – Vendor/Consultant
    • Discount to ISSA Members: 10%
    • Discount Code: “ISSA”

    Join ERM leaders from Xcel Energy, Pinnacle Entertainment, HSBC, Eli Lilly & Company, Comcast Corporation, OfficeMax, Harley Davidson, Constellation Energy Group and many more!

    Attending This Event Will Enable You to:

    • Become aware that risk management has become more complex and critical in the current economic environment.
    • Learn about various concerns in business operations including globalization, technology, economic environment, regulators, competitors and speed of change
    • Maintain costs, while maintaining a proper focus on enterprise wide risk
    • Better educate your board on the nuances of enterprise risk management
    • Lead the effort around formalizing the company's risk management program

    To register for this event click here

    EdTechDay 2012 Southern Tier of New York

    • Date: March 22, 2012
    • Time: 9 AM - 4 PM
    • Location: Ithaca College
    • Cost: Free

    This regional technology event will focus on education. For more information and for registration click here

    Payment Technology & Risk Forum 2012 – Beirut

    • Dates: March 27-28, 2012
    • Time: 9:00 AM-5:00 PM on both days
    • Location: Beirut, Lebanon
    • Cost: $750 USD
    • Discount to ISSA Members: 10% discount

    The Payment Technology & Risk Forum 2012 is designed for card payments and IT experts focused on managing and implementing payment systems. The forum covers key industry developments from both management and technical perspectives. Delegates who attend this forum will find many myths dispelled and be equipped with clear and practical guidance.

    For information and more details click here

    ITEC Cyber Security Training & Education Workshop

    • Date: May 23-24, 2012
    • Location: ExCeL Centre, London, UK
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA/ITEC2012

    The first international event to address the training, education and skills development imperatives for cross-sector Cyber Security.

    High profile international speakers include Baroness Pauline Neville-Jones, UK Government Representative to Business on Cyber Security, and Dr. Ernest McDuffie, Lead, US National Initiative for Cybersecurity Education.

    Widely acknowledged as the ‘fifth domain’ of modern warfare, cyber space presents its own unique set of challenges in terms of educating the cyber workforce. Whilst these may be difficult to overcome, they also present an unparalleled opportunity for the public, private and military sectors to forge closer working relationships.

    To register and for more information click here

    SMi Presents the 5th Annual Cyber Defence Conference

  • Date: June 18-19, 2012
  • Location: London
  • Discount to ISSA members: 10%
  • Discount Code: To redeem this offer, please contact Andrew Gibbons: +44 (0) 20 7827 6156 / agibbons@smi-online.co.uk and quote ‘ISSA-005’.
  • Cyber Defence 2012 will offer delegates the opportunity to keep up-to-date with the latest developments, challenges and solutions on the cyber defense policy horizon, as well as to network with a fantastic array of international speakers from the cyber defense arena.

    Click here for more details.

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599
    • Discount to ISSA Members: $300
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference providing technical security training for large enterprises that rely on System z® from IBM. To ensure the information security of large datacenters and cloud computing implementations, it addresses leading security subjects including: cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers: now accepting submissions for educational sessions, learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

     

    ISSA E-News: February 23, 2012

    In this Issue

    1. Submit Nominations for International Board Election
    2. Member Reception at RSA Conference
    3. Special Invitation for Friends of Gene Schultz
    4. ISSA Web Conference- Security and Legislation
    5. 2012 Member Survey Winners
    6. Journal Call for Articles
    7. ISSA and Industry Events

    Submit Nominations for International Board Election

    Nominations are being accepted for the June election of the International Board of Directors. You will be electing the International President and five directors to lead the association for the next two years.

    Anyone interested in being nominated should thoroughly review the election guidelines. Information on the responsibilities of the International Board of Directors can also be found in Article VI of the ISSA By-Laws.

    Required documents and instructions on the nomination process are available on Connect. All nominations must be received by 11:59 p.m. on March 15. If you have questions or need assistance, please contact electionchair@issa.org or call ISSA headquarters, 866 349 5818 (toll free within the US), +1 206 388 4584 (international), extension 102.

    Member Reception at RSA Conference

    Tuesday, February 28 | 6:00-7:30 p.m. | Room 300 (located in Moscone South on the Esplanade Level)

    Socialize and network with your ISSA colleagues and honor our newest Distinguished Fellows and Fellows at RSA Conference 2012 in San Francisco, CA - USA. RSVP online today.

    Don’t forget to stop by the ISSA booth 149 in the Expo to pick up your member ribbon and enter a drawing to win a gift basket with valuable prizes to help you connect, learn, and advance.

    Thank you to Neohapsis for its generous support of the member reception. Attendees will receive an advance copy of “The Secure Social and Mobile Enterprise,” a best practices paper presented by Steve Hunt, Director Neohapsis Lab.

    Special Invitation for Friends of Gene Schultz

    A memorial service is being planned at the RSA Conference for friends of Gene Schultz. Not everyone could attend the memorial service held by his family last fall. Some of his friends felt it would be fitting to have a small gathering the evening of February 29 to remember him. If you would like an invitation, contact Gene Spafford, gene@spaf.us.

    ISSA Web Conference - Security and Legislation

    Live Event: March 27, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register

    Web Conference Overview:

    As technology evolves so do usage and threat models. As these threats advance, they bring to the forefront questions of liability and mitigation. In the end, as security professionals, we are required to deal with new – or even old - laws that must be applied to outdated usage models. This session will explore evolving laws in the context of technological advancements and actions we can take to ensure we are compliant.

    2012 Member Survey Winners

    Thank you to all who participated in the 2012 Member Survey. Your feedback provides important information for the volunteers who guide the international association, chapters, and educational programs.

    Congratulations to Alex Harwood (Los Angeles Chapter), Blair Meiser (New Jersey Chapter), and James Wentzel (New England Chapter) who each won a pass to the ISSA International Conference and a $50 American Express gift card based on a random drawing of survey participants.

    Journal Call for Articles - May - Security Architecture

    Systems and applications typically do not exist in isolation, certainly not in the commercial sectors where many of us work. Thus, we must consider the context within which these systems and applications exist. That context can be described as a security architecture and governance framework. These enable the various security controls we design, implement and manage to function in a holistic and cohesive manner, and in accordance with a security policy.

    Developing a security architecture and associated governance framework often involves a risk analysis-based process that considers the business and technical requirements that an organization must address, in conjunction with evaluating threats, risks, and vulnerabilities that may exist. Often formalized methods are used to develop a security architecture. The ISO 27001 and ISO 27002 standards, for example, provide guidance on how to create an Information Security Management System using different security control objectives; NIST 800-53 takes a similar approach.

    The ISSA Journal Editorial Advisory Board would like to hear from you regarding your experience with security architecture. What approach is the most successful in your environment? What methodology do you use? Do you use a risk-based approach or something else? How do you measure the success of your security architecture? What works? What doesn't?

    Please submit articles by April 1 to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. Click here for more theme descriptions.

    ISSA & Industry Events

    ISSA CISO Executive Forum

    San Francisco, CA February 25 - 26, 2012
    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.
    *Open to qualified attendees only.

    If you have questions about the Conference, please email conference customer service.

    For more information click here

     

    South Florida Chapter Presents: Taking Security Seriously?!

  • Date: Friday, March 9, 2012
  • Time: 7:30 AM-6:00 PM
  • Location: Signature Grand, Ft. Lauderdale, FL
  • This event will host keynote speaker Dave Aitel. Members will have an opportunity to attend more than ten speaking sessions, network with peers, and engage in multiple breakout sessions.

    Click here to register for this event.

    For more information and a complete agenda click here.

    Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

    The Raleigh ISSA Chapter is holding an (ISC)2 CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

    • Dates: Saturdays, March 10, 17, 24, 2012
    • Time: 8 AM - 3 PM
    • Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

    Cost for all three sessions (includes breakfast, lunch and refreshments):

    • $50 ISSA
    • $75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
    • $100 for all others
    • No Refunds

    Required student resources:

    • Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)2 Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
    • Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
    • Forum: See the http://cccure.org/ Web site for answers to your questions and more.

    To register and for more information click here

    Portland Chapter Hosts: NW ISSA Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65
    • Discount to ISSA Members: $50.00 for ISSA /ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    Central Ohio Chapter Hosts: 2012 Central Ohio InfoSec Summit

    • Dates: May 17-18, 2012
    • Location: Hyatt Regency, Downtown Columbus
    • Cost: Early Bird Price of $75.00 for: ISSA, ISACA, ISC(2), OWASP, or InfraGard Members - Expires at Midnight on March 31st -- Full Price $175.00 after March 31st for all attendees.

    Please join us on May 17th and 18th, 2012 for the fifth annual Central Ohio InfoSec Summit. This event will be a superb venue for education, collaboration, and networking. Join information security practitioners and executives from throughout the region as we bring together the leaders in our profession for two days of intense lecture and study across various tracks. You will choose from highly technical, technical, management, and executive level sessions, as we tackle the latest industry trends, issues, and solutions. Attendance at this event will qualify an individual for 14 CPEs. The summit will be held in the same location as last year, Hyatt Regency, Downtown Columbus.

    To register for this event click here

    Denver Chapter Hosts: The Rocky Mountain Information Security Conference

    • Date: May 17-18, 2012
    • Time: Thursday, May 17: 9 AM-7:30 PM; Friday, May 18: 7 AM – 5:30 PM
    • Location: Sheraton Denver Downtown, 1550 Court Pl, Denver, CO
    • Cost: Thursday: Optional full day training - $250

      Friday: Main Conference

      Student/Government/Military: $100

      ISSA/ISACA Member: $150 (early), $200 (after 3/30)

      Non-Member: $200 (early), $250 (after 3/30)

    The Rocky Mountain Information Security Conference (RMISC) is the only conference of its kind in the Rocky Mountain region. The RMISC is a convenient, affordable knowledge-builder for IT security, audit, and compliance professionals at all levels. The RMISC provides the perfect blend of education, networking, and opportunities that are critical to your success in today’s economy and security climate! Pre-conference full-day workshops provide in-depth training with courses for management, technical, and audit professionals.

    For more information and for registration click here

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Boston, March 28-29
    • Atlanta, April 10-11
    • Houston, April 17-18
    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online using code ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    RSA Conference USA

    • Dates: Feb 27- Mar 2, 2012
    • Location: San Francisco, CA
    • Cost: $1,595 - $2,295
    • Discount to ISSA Members: $150 off
    • Discount Code: 1212ISSADL15

    RSA® Conference helps drive the information security agenda worldwide with annual events in the U.S., Europe, and Japan. Throughout its 20+ year history, RSA Conference consistently attracts the world’s best and brightest in the field, creating opportunities for Conference attendees to learn about information security’s most important issues through first-hand interactions with peers, luminaries, and emerging and established companies. As the information security field continues to grow in importance and influence, RSA Conference plays an integral role in keeping security professionals across the globe connected and educated.

    For more information and conference dates click here.

    To register for this event click here.

    Sophos Hosts: Anatomy of an Attack - How Hackers Threaten Your Security

    • Date: March 14, 2012
    • Time: 10:00 AM – 2:30 PM
    • Location: Portland Marriott- Downtown Waterfront, 1401 SW Naito Parkway, Portland, OR 97201
    • Cost: Free to ISSA members

    Are you concerned that a malware attack will put your business at risk? Learn how today's cybercriminals target your computer, identity and money and get practical advice on how to combat anything that comes your way. Sophos security experts Chester Wisniewski and John Shier will explore how malware threats actually work and what you can do to protect your company today.

    Click here to register for this event.

    5th Annual Enterprise Risk Management Conference

    • Dates: March 19-21, 2012
    • Location: Chicago, IL
    • Cost: $2,695 – End-user, $2,995 – Vendor/Consultant
    • Discount to ISSA Members: 10%
    • Discount Code: “ISSA”

    Join ERM leaders from Xcel Energy, Pinnacle Entertainment, HSBC, Eli Lilly & Company, Comcast Corporation, OfficeMax, Harley Davidson, Constellation Energy Group and many more!

    Attending This Event Will Enable You to:

    • Become aware that risk management has become more complex and critical in the current economic environment.
    • Learn about various concerns in business operations including globalization, technology, economic environment, regulators, competitors and speed of change
    • Maintain costs, while maintaining a proper focus on enterprise wide risk
    • Better educate your board on the nuances of enterprise risk management
    • Lead the effort around formalizing the company's risk management program

    To register for this event click here

    EdTechDay 2012 Southern Tier of New York

    • Date: March 22, 2012
    • Time: 9 AM - 4 PM
    • Location: Ithaca College
    • Cost: Free

    This regional technology event will focus on education. For more information and for registration click here

    Payment Technology & Risk Forum 2012 – Beirut

    • Dates: March 27-28, 2012
    • Time: 9:00 AM-5:00 PM on both days
    • Location: Beirut, Lebanon
    • Cost: $750 USD
    • Discount to ISSA Members: 10% discount

    The Payment Technology & Risk Forum 2012 is designed for card payments and IT experts focused on managing and implementing payment systems. The forum covers key industry developments from both management and technical perspectives. Delegates who attend this forum will find many myths dispelled and be equipped with clear and practical guidance.

    For information and more details click here

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599.00
    • Discount to ISSA Members: $300.00
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference, providing technical security training for large enterprises that rely on System z® from IBM to ensure the information security of large datacenters and cloud computing implementations. It addresses leading security subjects including cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, and evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers: now accepting submissions for educational sessions, learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

     

    March 2012 ISSA Web Conference

    Security and Legislation

    Recorded Live: March 27, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register for this on-demand event

    Presentation Slides

    Web Conference Overview:

    As technology evolves so do usage and threat models. As these threats advance, they bring to the forefront questions of liability and mitigation. In the end, as security professionals, we are required to deal with new - or even old - laws that must be applied to outdated usage models. This session will explore evolving laws in the context of technological advancements and actions we can take to ensure we are compliant.

    Michael Colson - Senior Product Manager, NetIQ

    Michael Colson has more than 21 years of experience in engineering and management positions with highly successful aerospace, medical, and IT security companies. His background includes leading product engineering teams in the development of state-of-the-art security- and compliance-management products. As the senior product manager for Security Products at NetIQ, he identifies and develops products and solutions that lead in innovative and effective approaches for managing security and compliance for customers worldwide.

    Presentation Overview: Evolving Legislation and Security Threats, Are You Ready?

    It’s all over the news. Data breaches are all the rage. From targeted attacks for political protest to theft of data for profit, legislators have taken notice by increasing legal and financial penalties. What is your defense plan? This presentation will explore legislative changes and a strategy that can help defend your business.

    Randy V. Sabett, J.D., CISSP - Counsel, ZwillGen PLLC

    Randy V. Sabett, J.D., CISSP, serves as Counsel in the Washington, DC office of ZwillGen PLLC. He has over 20 years of information security experience, including as an NSA crypto engineer, and counsels clients on information security, privacy, IT licensing, and patents, dealing with such issues as federated identity, cloud services, Public Key Infrastructure (PKI), digital and electronic signatures, financial services, state and federal information security laws, identity theft, and security breaches. Sabett served as a commissioner for the Commission on Cybersecurity for the 44th Presidency and has been recognized as a leader in privacy & data Security in the 2007 - 2012 editions of Chambers USA: America’s Leading Lawyers for Business. He is also a frequent lecturer and author on issues involving information security, and has appeared on or been quoted in a variety of national media sources. He can be reached at randy@zwillgen.com.

    Presentation Overview:

    Cybersecurity legislation has not quite taken center stage, but it’s getting close. In light of numerous recent events, cybersecurity has definitely taken priority over several other issues. Although security policy wonks have been saying for many years that we need more robust federal laws to protect us in cyberspace, it’s only very recently that the message has been getting through to a broader audience. Between the White House legislative proposal, the Cybersecurity Bill of 2012, and the McCain response, we may actually see something pass. The questions are ‘when?’ and how do we overcome the perennial problems?

    Joe Tasker – Independent Consultant and Principal, JT Square Strategies; formerly Sr. VP and General Counsel, Information Technology Association of America

     Joe Tasker is a consultant in Washington, D.C. who concentrates on information technology, international trade, internet governance, and intellectual property. He is a high tech public policy strategist and advocate with a background in the legal profession; he has experience working in both the public and private sectors. Until a recent merger, he served as Senior VP for Government Affairs at ITAA and worked extensively on cyber security issues. For 10 years, he led government affairs for Compaq Computer. He helped found many policy advocacy coalitions formed to solve pressing issues for the information technology industry including: internet access, export controls, and the growth of trade in ICT goods and services.

    ISSA E-News: February 9, 2012

    In this Issue

    1. ISSA Members Receive a 50% Discount on Information Security Related Books
    2. RSVP for Member Reception at RSA Conference
    3. Don’t Wait: Submit Nominations for International Board Election
    4. ISSA Web Conference: Compliance vs the Cloud
    5. Industry Webinar: SharePoint Security - Challenges & Solutions
    6. Journal Call for Articles: Smart Grid / Industrial Control Systems Security
    7. ISSA and Industry Events


    ISSA Members Receive a 50% Discount on Information Security Related Books

    ISSA has arranged for a 50% discount on Auerbach Publications and CRC Press information security books. To order books from this series, simply click here and enter the promotion code 081MA at checkout; 50% will be deducted from your order. Hundreds of books are available.

    New Titles Include:

    • Information Security Governance Simplified: From the Boardroom to the Keyboard
    • Asset Protection through Security Awareness
    • Cybersecurity: Public Sector Threats and Responses
    • Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS
    • CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits
    More member discounts available for events and products.

    RSVP for Member Reception at RSA Conference

    Tuesday, February 28 | 6:00-7:30 p.m. | Room 300 (located in Moscone South on the Esplanade Level)

    Socialize and network with your fellow ISSA colleagues and honor our newest Distinguished Fellows and Fellows at RSA Conference 2012 in San Francisco next month. You’re invited to a members-only reception on Tuesday, February 28, from 6:00 – 7:30 p.m. immediately following the Expo Pub Crawl. RSVP online today.

    Don’t forget to stop by the ISSA booth 149 in the expo to pick up your member ribbon.

    Don’t Wait: Submit Nominations for International Board Election

    Nominations are open for the June election of the International Board of Directors. You will be electing the International President and five directors to lead the association for the next two years.

    Anyone interested in being nominated should thoroughly review the election guidelines. Information on the responsibilities of the International Board of Directors can also be found in Article VI of the ISSA By-Laws.

    Required documents and instructions on the nomination process are available on Connect. All nominations must be received by 11:59 p.m. on March 15. If you have questions or need assistance, please contact electionchair@issa.org or call ISSA headquarters, 866 349 5818 (toll free within the US), +1 206 388 4584 (international), extension 102.

    ISSA Web Conference: Compliance vs the Cloud

    Live Event: February 21, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register


    Web Conference Overview:

    In today’s business world technology landscapes are more interconnected and diverse than ever. This trend is apparent as businesses migrate to the cloud. As a result, information security professionals are confronted with a brave new world that offers new and complex challenges. This web conference will explore these challenges through the perspective of 'cloudy eDiscovery', asset recovery when your cloud dissolves, compliance, and security within the cloud.

    On-Demand Industry Webinar: SharePoint Security - Challenges & Solutions

    Industry Webcast Description:

    Microsoft SharePoint continues to be the prominent application within the collaboration software industry. But, due to its flexibility of deployment, storage of critical business assets, and diverse user base, security risks are a real concern. During this session, Deloitte & Touche LLP and CA Technologies discuss the challenges that customers are faced with when deploying large complex Microsoft SharePoint environments, as well as leading practices and solutions available to help address these challenges.

    Click here to register for this on-demand industry webinar.

     

    Journal Call for Articles: Smart Grid / Industrial Control Systems Security

    The world of information technology (IT) has cemented itself in our consciousness as the "face" of technology. What most of us are far less familiar with is what many may consider to be the hidden (or perhaps not so hidden) world of Industrial Control Systems (ICS).

    These systems go by many names and acronyms, such as SCADA (Supervisory Control and Data Acquisition) or DCS (Distributed Control Systems). These systems perform the most critical functions in our collective lives, responsible for opening and closing water valves, balancing power transmission, cooling off nuclear reactors, controlling temperatures during food production, controlling the amount of chemicals that make up pharmaceuticals, and - perhaps most alarmingly - managing systems that provide health care to humans.

    These systems have been around for a long time, and have (for the most part) functioned admirably, so well and for so long in their current state that organizations creating and deploying these ICS systems truly never had a compelling reason to consider security beyond the physical boundaries protecting such systems. This all changed with the advent of wireless technology, modern technological conveniences (such as portable storage devices), and the proliferation of networked "smart" devices that have become ubiquitous in our lives.

    How serious are these issues? What, specifically, is being done to address these issues? Are we potentially facing a whole new world of cybersecurity issues that most of us are ill prepared to address? Please share your ideas with the information security community as we attempt to wrap our heads around the world of Industrial Control Systems security.

    Articles are due now. Please submit to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. Click here for more issue theme descriptions.

    Have a chapter event to post? Let us know!

    ISSA CISO Executive Forum

    San Francisco, CA February 25 - 26, 2012
    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Dates: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA – USA

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.
    *Open to qualified attendees only.

    If you have questions about the Conference, please email conference customer service.

    For more information click here

    Milwaukee Chapter Hosts: Attack vs. Defense, That’s how it’s done!

    • Date: February 14, 2012
    • Location: Milwaukee, WI
    • Time: 11:00-5:00 PM
    • Cost: $14 for lunch session. Free for Milwaukee and Madison Members.
    • Location: New Berlin Ale House, New Berlin, WI.

    This half day event will consist of an attack vs defense presentation by Michael Vieau, Sr. Security Administrator at Froedtert and SANS mentor. He will utilize a special virtual environment that will show what a system looks like from both the attacker and defense side and how to mitigate the damage. The FBI Cyber Crime Division will be demonstrating the creation of a botnet and will be available to answer any questions. It will be a very exciting event!

    To register and for more information on this event click here

     

    South Florida ISSA Chapter Presents: Taking Security Seriously?!

  • Date: Friday, March 9, 2012
  • Time: 7:30 AM-6:00 PM
  • Location: Signature Grand, Ft. Lauderdale, FL
  • This event will host keynote speaker Dave Aitel. Members will have an opportunity to attend more than ten speaking sessions, network with peers, and engage in multiple breakout sessions.

    Click here to register for this event.

    For more information and a complete agenda click here.

    Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

    The Raleigh ISSA Chapter is holding an (ISC)2 CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

    • Dates: Saturdays, March 10, 17, 24, 2012
    • Time: 8 AM - 3 PM
    • Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

    Cost for all three sessions (includes breakfast, lunch and refreshments):

    • $50 ISSA
    • $75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
    • $100 for all others
    • No Refunds

    Required student resources:

    • Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)2 Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
    • Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
    • Forum: See the http://cccure.org/ Web site for answers to your questions and more.

    To register and for more information click here

    ISSA Portland Chapter Hosts: NW ISSA Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65.00
    • Discount to ISSA Members: $50.00 for ISSA /ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    Sponsors can contact the Vendor Outreach Chair for opportunities on supporting this event.

    Industry Events

    SecureWorld Expo

    2012 Schedule of Events

    • Boston, March 28-29
    • Atlanta, April 10-11
    • Houston, April 17-18
    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. The SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    HIPAA Audit Prep BootCamp

    • Dates: February 9, 2012 from 8:30 AM to 5:00 PM
    • Location: Hilton Garden Inn-Atlanta Airport North
    • Cost: $595 for general public, $495 for ISSA members
    • Discount Code: Enter “ISSA MEMBER” in the “How Did You Find Us” box on the registration page. Use “ATL-ISSA” on the shopping cart (payment) page to receive the $495 ISSA rate.
    • Attendees: CEOs, CFOs, CIOs, Compliance Officers of Covered Entities and Business Associates

    This event will cover privacy, security and breach regulatory requirements, the OCR Audit Program, best practices for audit preparation, tools to facilitate compliance programs, and practical hands-on exercises. Benefits for attendees include: step-by-step implementation strategy, understanding regulations, understanding new compliance enforcement, creating a “single source of truth” repository for documentation, evaluating current safeguards, recognizing high priority gaps in compliance program, identifying key progress metrics, and gaining a competitive advantage.

    To register and for more information click here.

    RSA Conference USA

    • Dates: Feb 27 - Mar 2, 2012
    • Location: San Francisco, CA
    • Cost: $1,595 - $2,295
    • Discount to ISSA Members: $150 off
    • Discount Code: 1212ISSADL15

    RSA® Conference helps drive the information security agenda worldwide with annual events in the U.S., Europe, and Japan. Throughout its 20+ year history, RSA Conference consistently attracts the world’s best and brightest in the field, creating opportunities for Conference attendees to learn about information security’s most important issues through first-hand interactions with peers, luminaries, and emerging and established companies. As the information security field continues to grow in importance and influence, RSA Conference plays an integral role in keeping security professionals across the globe connected and educated.

    For more information and conference dates click here.

    To register for this event click here.

    Sophos Hosts: Anatomy of an Attack: How Hackers Threaten Your Security

    • Date: March 14, 2012
    • Time: 10:00 AM – 2:30 PM
    • Location: Portland Marriott- Downtown Waterfront, 1401 SW Naito Parkway, Portland, OR 97201
    • Cost: Free to ISSA members

    Are you concerned that a malware attack will put your business at risk? Learn how today's cybercriminals target your computer, identity and money and get practical advice on how to combat anything that comes your way. Sophos security experts Chester Wisniewski and John Shier will explore how malware threats actually work and what you can do to protect your company today.

    Click here to register for this event.

    5th Annual Enterprise Risk Management Conference

    • Dates: March 19-21, 2012
    • Location: Chicago, IL
    • Cost: $2,695 – End-user, $2,995 – Vendor/Consultant
    • Discount to ISSA Members: 10%
    • Discount Code: “ISSA”

    Join ERM leaders from Xcel Energy, Pinnacle Entertainment, HSBC, Eli Lilly & Company, Comcast Corporation, OfficeMax, Harley Davidson, Constellation Energy Group and many more!

    Attending This Event Will Enable You to:

    • Become aware that risk management has become more complex and critical in the current economic environment
    • Learn about various concerns in business operations including globalization, technology, economic environment, regulators, competitors and speed of change
    • Maintain costs, while maintaining a proper focus on enterprise-wide risk
    • Better educate your board on the nuances of enterprise risk management
    • Lead the effort around formalizing the company's risk management program

    To register for this event click here

    Payment Technology & Risk Forum 2012 – Beirut

    • Dates: March 27-28, 2012
    • Time: 9:00 AM-5:00 PM on both days
    • Location: Beirut, Lebanon
    • Cost: $750 USD
    • Discount to ISSA Members: 10% discount

    The Payment Technology & Risk Forum 2012 is designed for card payments and IT experts focused on managing and implementing payment systems. The forum covers key industry developments from both management and technical perspectives. Delegates who attend this forum will find many myths dispelled and be equipped with clear and practical guidance.

    For information and more details click here

    Vanguard Security & Compliance 2012

    • Dates: June 25-28, 2012
    • Location: Las Vegas, Nevada
    • Cost: $2,599
    • Discount to ISSA Members: $300
    • Discount Code: VSCISSA01

    Vanguard Security & Compliance 2012 is the premier IT security and compliance educational conference, providing technical security training for large enterprises that rely on System z® from IBM to ensure the information security of large datacenters and cloud computing implementations. It addresses leading security subjects including cyber security, cloud security, continuous monitoring, advanced security techniques, emerging technologies, security automation, and evolving audit compliance standards. This event offers 6 program tracks, 3 power tracks, 7 full-day workshops, 100 hours of hands-on labs and 90 educational sessions! Open Call for Speakers: now accepting submissions for educational sessions; learn more.

    To register for this event click here

    9th Annual CISO Summit & Roundtable

    • Dates: June 27 – 29, 2012
    • Location: Prague
    • Cost: Various
    • Discount to ISSA Members: 10%
    • Discount Code: ISSA10

    MIS Training Institute is delighted to announce that the 9th CISO Summit & Roundtable will take place June 27 – 29, 2012 at the Corinthia Towers Hotel, Prague, Czech Republic. Europe's best-loved event for Chief Information Security Officers and Directors of Information Security and Risk Management will drive new thinking, question what the future holds, assess current challenges, and learn how peers are preparing to defend tomorrow.

    To register and for more information on this event click here

     

    ISSA E-News: January 26, 2012

    In this Issue

    1. Distinguished Fellows and Fellows Announced
    2. RSVP for Member Reception at RSA Conference
    3. Don’t Wait: Submit Nominations for International Board Election
    4. Tell Us How We’re Doing – 2012 Member Survey
    5. Make a Difference – Volunteer!
    6. Staff the ISSA Booth at RSA
    7. International Conference Committee
    8. Contribute to the Journal
    9. Now On-Demand - January Web Conference
    10. Industry Webinars - On-Demand
    11. ISSA and Industry Events


    Distinguished Fellows and Fellows Announced

    “It is a distinct pleasure to reward sustained membership and service to both ISSA and the information security community,” said Ira Winkler, Fellow Chair, in announcing the selection of three Distinguished Fellows and ten Fellows resulting from the autumn selection cycle. “Each of these volunteers has demonstrated significant leadership and devotion to ISSA and our community as a whole. We look forward to acknowledging other such leaders in the future.”

    The recipients will be honored at the ISSA Member Reception on February 28 at the RSA Conference 2012 in San Francisco. RSVP online today.

    Distinguished Fellows

    • David K. Dumas, New England
    • Rick Ensenbach, Minnesota
    • Richard W. Owen, Jr., Phoenix

     

    Fellows

    • G. Joanne Ashland, South Texas and Texas Gulf Coast
    • Maureen W. Baran, Rochester
    • Joel Cort, Rochester
    • Ken Dunham, Boise
    • Joseph R. Malec, St. Louis
    • Bart Moerman, Brussels European
    • Steven “Scott” Parker, Alamo
    • Betty Pierce, Colorado Springs
    • Melody Wilson, Colorado Springs
    • R. Glenn York, Northern New Mexico and Colorado Springs

     

    No more than 1% of members may hold Distinguished Fellow status at any given time, while Fellow is limited to 2% of the membership. Distinguished Fellows are required to have 5 years of association leadership, 12 years of association membership and 10 years of exceptional service with a significant contribution to security posture or capability. Fellows must have 3 years of volunteer leadership, 8 years membership and at least 5 years of noteworthy performance as an information security professional. For more information on the nomination requirements and process, please consult the Fellow Program Operating Instructions.

    RSVP for Member Reception at RSA Conference

    Tuesday, February 28 / 6:00-7:30 p.m. / Room 300 (located in Moscone South on the Esplanade Level)

    Socialize, network with your ISSA colleagues, and honor our newest Distinguished Fellows and Fellows at RSA Conference 2012 in San Francisco next month. You’re invited to a members-only reception on Tuesday, February 28, from 6:00 – 7:30 p.m. immediately following the Expo Pub Crawl. RSVP online today.

    Don’t Wait: Submit Nominations for International Board Election

    Nominations are now open for the June election of the International Board of Directors. You will be electing the International President and five directors to lead the association for the next two years.

    Anyone interested in being nominated should thoroughly review the election guidelines. Information on the responsibilities of the International Board of Directors can also be found in Article VI of the ISSA By-Laws.

    Required documents and instructions on the nomination process are available on Connect. All nominations must be received by 11:59 p.m. on March 15. If you have questions or need assistance, please contact electionchair@issa.org or call ISSA headquarters, 866 349 5818 (toll free within the US), +1 206 388 4584 (international), extension 102.

    Tell Us How We’re Doing – 2012 Member Survey

    If you have not already done so, please take a few minutes to give your feedback on how well we are meeting your needs by completing the ISSA Member Survey. Your input will help improve chapter meetings, the ISSA International Conference, Web Conferences, Connect, The ISSA Journal, and other services. At the end of the survey, you may enter a drawing where three lucky members will each win a free pass to the ISSA International Conference and a $50 American Express gift card.

    Begin the survey now!

    Get Involved and Make a Difference – Volunteer!

    By virtue of your ISSA membership you are making a statement that advancing the professionalism of the rapidly evolving fields of cybersecurity, risk management and protection of personal and proprietary information is important. There are a variety of opportunities for you to volunteer your time, expertise and enthusiasm to shape the future of the profession and the industry. Not only will you be contributing to our collective mission, you will be amazed at the new and deeper relationships you will build among your peers, the expansion of the network you will be able to call on for advice and resources as well as the satisfaction of making a difference.

    Staff the ISSA Booth at RSA

    Knowledgeable members are needed to work a shift in the ISSA booth during the RSA Conference USA in San Francisco. Your role would be to share your enthusiasm with members and non-members alike about the value of ISSA and how to get the most out of your membership. Volunteers will receive a complimentary pass to the Exhibit Hall. You will have the opportunity to expand your network of ISSA relationships with members from across the globe. Shifts are available on Tuesday, Wednesday, and Thursday. Please note, time slots can be adjusted to fit your schedule. To volunteer, email Dana Paulino (dpaulino@issa.org) or call (866) 349-5818 x103.

    International Conference Committee

    Volunteers are needed to assist with the planning of the 2012 ISSA International Conference, to be held October 25-26, 2012 at the Disneyland Hotel in Anaheim, California USA. Be part of this event that will bring together the infosec community to connect, collaborate, and learn. Use your talents to create educational offerings, build the audience and craft an event that will be valuable to yourself and your colleagues. Work with ISSA leaders and staff to provide direction and shape the conference. Find the 2012 Conference Planning Committee details online.

    Contribute to the Journal

    Articles are due by February 1 for March’s issue on “Advanced Threat Concepts and Cyberwarfare.”

    Share your expertise and earn CPEs. The editorial calendar for 2012 and publishing guidelines are on the website so you can plan for the year. The Editorial Advisory Board has provided expanded insight into the monthly themes to help authors target their articles. All submissions are peer-reviewed and Editorial Board volunteers can assist with revisions when necessary.

    The ISSA is our organization, the ISSA Journal is our journal: we will all benefit from your participation.

    Now On-Demand - Year in Review: How Last Year’s Trends Help Us Plan for the Future

    Recorded Live: January 25, 2012
    Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

    Click here to register for this web conference on-demand

    Web Conference Overview:

    2011 was the year of security-relevant issues and events, including changes in security legislation proposals, protective technology, and even cyber-attacks. This session will explore the challenges that security professionals confronted in 2011. Based on these challenges, we will explore the lessons learned as we move into 2012.

    Click here for more information on this ISSA web conference.

    Industry Webinars

    Trends for 2012: Make Secure File Transfer a Strategic Initiative

    Industry Webcast Description:

    In this video, Gartner Analyst Jess Thompson tells why more and more companies are elevating their file transfer approach from the tactical to the strategic—improving efficiency and cutting costs in the process. Attachmate product marketing manager Sam Morris supports this position with examples of how Attachmate FileXpress can help you meet your key IT objectives.

    You'll also hear Attachmate product marketing manager Sam Morris explain how the right strategic solution can help you:

    • Maintain a reliable data infrastructure.
    • Balance data security with business efficiency.
    • Respond quickly to new business initiatives.

    Click here to register for this industry webinar.

    ISSA Events

    CISO Executive Forum

    San Francisco, CA February 25 - 26, 2012
    Denver, CO May 16 - 17, 2012
    Boston, MA August 2-3, 2012
    Anaheim, CA October 26-27, 2012

    For details on the CISO Forum click here.

    *CISO Executive Memberships are subject to approval. Applicants and guests must be executive-level information security professionals, reporting directly to the CEO, CFO, or CIO, and must be responsible for internal security for their organization. Click here for complete membership criteria.

    ISSA International Conference

    • Date: October 25-26, 2012
    • Location: Disneyland Hotel Anaheim, CA USA

    Special Events Held in Conjunction with the International Conference:

    • Chapter officers: plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
    • CISO Executive members and guests: please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.

    *Open to qualified attendees only.

    If you have questions about the Conference, please email conference customer service.

    For more information click here

    South Florida Chapter Presents: Taking Security Seriously?!

    • Date: Friday, March 9, 2012
    • Time: 7:30 AM-6:00 PM
    • Location: Signature Grand, Ft. Lauderdale, FL

    This event will host keynote speaker Dave Aitel. Members will have an opportunity to attend more than ten speaking sessions, network with peers, and engage in multiple breakout sessions.

    Click here to register for this event.

    For more information and a complete agenda click here.

    Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

    The Raleigh ISSA Chapter is holding an (ISC)2 CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

    • Date: Saturdays, March 10, 17, 24, 2012
    • Time: 8 AM - 3 PM
    • Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

    Cost for all three sessions (includes breakfast, lunch and refreshments):

    • $50 ISSA
    • $75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
    • $100 for all others
    • No Refunds

    Required student resources:

    • Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)2 Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
    • Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
    • Forum: See the http://cccure.org/ Web site for answers to your questions and more.

    To register and for more information click here

    Portland Chapter Hosts: ISSA NW Security Summit

    • Date: May 3, 2012
    • Time: 8:00 AM – 5:00 PM
    • Location: Oregon Convention Center – Portland, Oregon
    • Cost: $65
    • Discount to ISSA Members: $50.00 for ISSA/ISACA/ISC2 members

    The NW ISSA Security Summit is a full day special event at InnoTech Oregon. Designed for and by security professionals, this conference offers in-depth conference sessions on the latest issues and trials facing IT Security in the NW.

    To register click here

    Sponsors can contact the Vendor Outreach Chair for opportunities on supporting this event.

    Industry Events

    Data Connectors Raleigh Tech-Security Conference

    • Date: January 26, 2012
    • Time: 8:00 AM – 4:00 PM EST
    • Location: Hilton North Raleigh/Midtown, 3415 Wake Forest Road, Raleigh, North Carolina, 27609-7330
    • Phone: 919.872.2323
    • Cost: $100
    • Discount to ISSA Members: $100 off with the discount code: ISSA Raleigh, NC

    The Raleigh Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security, USB drive security & more. There will be lots of giveaways and prizes.

    To register for this event click here

    SecureWorld Expo

    2012 Schedule of Events

    • Boston, March 28-29
    • Atlanta, April 10-11
    • Houston, April 17-18
    • Charlotte, May 2-3
    • Philadelphia, May 23-24

    SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S., SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

    Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

    ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online ISSNWS12.

    SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. The SecureWorld + pass is only $495 with a special ISSA member discount; register using code ISSNWS12.

    For conference details and to register go to http://www.secureworldexpo.com/.

    HIPAA Audit Prep BootCamp

    • Dates: February 9, 2012 from 8:30 AM to 5:00 PM
    • Location: Hilton Garden Inn-Atlanta Airport North
    • Cost: $595 for general public, $495 for ISSA members
    • Discount Code: Enter “ISSA MEMBER” in the “How Did You Find Us” box on the registration page. Use “ATL-ISSA” on the shopping cart (payment) page to receive the $495 ISSA rate.
    • Attendees: CEOs, CFOs, CIOs, Compliance Officers of Covered Entities and Business Associates

    This event will cover privacy, security and breach regulatory requirements, the OCR Audit Program, best practices for audit preparation, tools to facilitate compliance programs, and practical hands-on exercises. Benefits for attendees include: step-by-step implementation strategy, understanding regulations, understanding new compliance enforcement, creating a “single source of truth” repository for documentation, evaluating current safeguards, recognizing high priority gaps in compliance program, identifying key progress metrics, and gaining a competitive advantage.

    To register and for more information click here.

    RSA Conference 2012

    • Date(s): Feb 27 - Mar 2, 2012
    • Location: San Francisco, CA
    • Cost: $1,595 - $2,295
    • Discount to ISSA Members: $150 off
    • Discount Code: 1212ISSADL15

    RSA® Conference helps drive the information security agenda worldwide with annual events in the U.S., Europe, and Japan. Throughout its 20+ year history, RSA Conference consistently attracts the world’s best and brightest in the field, creating opportunities for Conference attendees to learn about information security’s most important issues through first-hand interactions with peers, luminaries, and emerging and established companies. As the information security field continues to grow in importance and influence, RSA Conference plays an integral role in keeping security professionals across the globe connected and educated.

    For more information and conference dates click here.

    To register for this event click here.

    5th Annual Enterprise Risk Management Conference

    • Dates: March 19-21, 2012
    • Location: Chicago, IL
    • Cost: $2,695 – End-user, $2,995 – Vendor/Consultant
    • Discount to ISSA Members: 10%
    • Discount Code: “ISSA”

    Join ERM leaders from Xcel Energy, Pinnacle Entertainment, HSBC, Eli Lilly & Company, Comcast Corporation, OfficeMax, Harley Davidson, Constellation Energy Group and many more!

    Attending This Event Will Enable You to:

    • Become aware that risk management has become more complex and critical in the current economic environment
    • Learn about various concerns in business operations including globalization, technology, economic environment, regulators, competitors and speed of change
    • Maintain costs, while maintaining a proper focus on enterprise-wide risk
    • Better educate your board on the nuances of enterprise risk management
    • Lead the effort around formalizing the company's risk management program

    To register for this event click here

    Payment Technology & Risk Forum 2012 – Beirut

    • Date(s): March 27-28, 2012
    • Time: 9:00 AM-5:00 PM on both days
    • Location: Beirut, Lebanon
    • Cost: $750 USD
    • Discount to ISSA Members: 10% discount

    The Payment Technology & Risk Forum 2012 is designed for card payments and IT experts focused on managing and implementing payment systems. The forum covers key industry developments from both management and technical perspectives. Delegates who attend this forum will find many myths dispelled and be equipped with clear and practical guidance.

    For information and more details click here