News

• Association
• Events
• Surveys
• Press Room
• Award Honorees
• E-News

E-News Archive

• 2008-07-23
• 2008-07-10
• 2008-06-26
• 2008-06-12
• 2008-05-29
• 2008-05-15
• 2008-05-01
• 2008-04-17
• 2008-04-03
• 2008-03-20
• 2008-03-20
• 2008-03-06
• 2008-02-20
• 2008-02-07
• 2008-01-24
• 2008-01-10
• 2007-12-31
• 2007-12-13
• 2007-11-30
• 2007-11-15
• 2007-11-01
• 2007-10-25
• 2007-10-11
• 2007-09-27
• 2007-09-13
• 2007-08-30
• 2007-08-16
• 2007-08-03
• 2007-07-19
• 2007-07-05
• Previous E-News Issues

ISSA E-News

A bi-weekly publication from the ISSA International Board

February 9, 2006

Hot Topic - Call for Nominations For The ISSA International Board Of Directors

Notice to all ISSA chapters

This is a request for nominations for six positions on the ISSA International Board:

• President
• Vice President of Education
• Vice President of International Relations and Development
• Vice President of Vendor Relations
• Vice President of Marketing
• Vice President of CISO Programs

Requirements

Each nomination must be accompanied by the following information:

• Statement of Nomination from the member's chapter
• Member in Good Standing
• Statement of Goals to Achieve in this position
• Statement of Commitment form
• Biography
• Picture

The biography will inform members of past work experience, other organizations the candidate belongs to, and what contributions were made to ISSA.

The Statement of Commitment form must be completed to ensure the candidate's employer approves of this commitment.

The form is attached here and can also be found in the References section of the File Library, http:/www.issa.org/cgi/library.cgi?library=References&file_index=0, under the title "BoardCommitmentForm11.10pdf".

Forms should be faxed to 414-768-8001 or 414-768-8030.

• Please e-mail all information to the Chairman of the Nominations Committee, William Tompkins, at electionchair@issa.org.
• All nominations must be received by April 16, 2006.
• All email sent to "electionchair@issa.org" should receive a reply message saying, "Thank you for your submission."
  

If you haven't received a confirmation message from the Election Chair by April 16, 2006, please contact ISSA Headquarters at 414-908-4949 x12

In this Issue

• New ISSA Chapters Recognized
• ISSA Chapter Officers In-Person Meeting
• ISSA's Webcasts – Most recent: Email Security Strategies - What To Plan For In 2006
• NEW! The ISSA Learning Center is Open – New Training Courses Available!
• Upcoming Conferences & Discounts – Extend your education and training with these ISSA sponsored conferences. Discounted rates available!

Sponsored By

2006 Security Compliance Research Report:

The Struggle to Manage Security Compliance for Multiple Regulations The 2006 Security Compliance Research Report is the first in a series designed to help establish benchmarks showing how firms worldwide are dealing with compliance and its impact on corporate IT security programs. Sponsored By the Institute of Internal Auditors (IIA), the Computer Security Institute (CSI) and Symantec, this report provides survey results and key findings that describe the extent that companies are now dealing with meeting requirements for multiple regulations, the proportion of their IT budgets being devoted to compliance efforts, and how they are responding to improve security, demonstrate compliance and reduce costs. Download this white paper now!

New ISSA Chapters Recognized

Congratulations to ISSA's newest chapter! The ISSA South Carolina Midlands Chapter is now recognized as an official chapter of the Information Systems Security Association, Inc. We now have 107 official ISSA chapters, in 24 countries. New chapters and their membership will contribute to the growth, strength, and leadership of the ISSA in enhancing its recognition as "The Global Voice of Information Security".

ISSA Chapter Officers In-Person Meeting

Our next ISSA Chapter Officers In-Person meeting will be held on Monday, February 13, 2006 as a predecessor to the RSA Security Conference in San Jose, CA USA. This meeting is open to all ISSA Chapter Officers. The details are as follows:

Location:

The Fairmont Hotel, San Jose
170 South Market St.
San Jose, CA 95113
www.fairmont.com
(800) 257-7544

Date/Agenda:

Glen Ellen Room
Monday, February 13, 2006
7:30am to 9am PST - Continental breakfast, networking
9am to noon PST - Chapter Officers meeting Note: we will have a conference bridge available from 9am to noon PST for those who cannot attend in-person.

Topics to include:

• ISSA International 2006 business plan and objectives
• Discussion on ISSA membership initiatives
• Agenda items submitted by Chapter Officers

RSVP requested - Please RSVP as soon as possible, and please note if you are going to be attending in person or on the conference bridge. Send your RSVP to chapters@issa.org.If there is a specific item you would like to have on the agenda, please forward it to chapters@issa.org by January 31, 2006. A formal agenda will be sent to all confirmed attendees prior to the meeting.Thank you for your ongoing efforts, and for making the ISSA the Global Voice of Information Security!We look forward to having you and your chapter officers joining us!

Kevin Richards, CISSP
ISSA International
Vice President of Chapter Relations

Sponsored By

Watchfire AppScan 6.0

Web application security vulnerabilities are a growing threat for anyone doing business online. See if your applications are vulnerable. Download a free trial copy of AppScan today.

ISSA Webcasts

Email Security Strategies - What to Plan for in 2006

Sponsored By Mirapoint

Presented by Arabella Hallawell, Gartner Research & Bethany Mayer, Mirapoint Do you have your email security plan in Place for 2006? Next year IT will face new, even more potentially damaging email security threats and compliance challenges. Featured speaker, Arabella Hallawell, Research VP Gartner will offer you her thoughts on what technology you can apply to assure that your network is protected from never before seen attacks. Email is a mission-critical application – touching all aspects of business communications. Make sure that you are ready for 2006 with the right email security technology choices.
Know what to expect and how to prepare for 2006, the topics will include:

• Combat worms, viruses and malware
• Fighting Spam
• The right network architecture to fight threats
• Connection management
• New technologies you should consider soon
• And much more...

This Webcast is available On Demand [View Webcast]

Managing Multiple Regulations: Take the Fast Track from Complexity to Compliance

Sponsored By Symantec Corporation

Presented by David E. Smith, Symantec Corporation The growing importance of information technology and the transition of personal records into digital formats have made privacy and information security critical issues. But corporations are being bogged down in the quagmire of regulations which leaves them struggling to meet complex challenges and manage the high cost of security compliance. Acting as a "hidden tax on profits," regulatory audits are rededicating resources to meet these compliance objectives. This resource drain is beginning to directly impact the corporate bottom line and affect the ability to do business.

Join us for this look at how organizations are pulling out of the quagmire and getting onto the fast track to compliance by:

• Conducting regular audits more efficiently so they can reallocate IT resources to more important pursuits
• Coordinating security requirements from multiple regulations to eliminate costly redundancies and unnecessary controls
• Mapping controls to performance results to demonstrate improvement and implement a sustainable, auditable compliance posture

About the Speaker:

David E. Smith serves as a senior compliance analyst with Symantec, formerly BindView Corporation, working on the company's RAZOR Research Team. Smith has worked in information security for Fortune 500 companies for the last 8 years. Prior to joining BindView, he focused on information security, compliance strategy and program implementation for AEGON's North American companies, including Western Reserve Life, IDEX Mutual Funds and Transamerica. During his tenure, he helped coordinate the information security compliance programs for all of AEGON's North American operations. Smith is a Certified Information Systems Security Professional (CISSP) and holds a professional certificate in Computer Forensics from Oregon State University

This Webcast will be available On Demand February 16, 2006

Sponsored By

SecureWorld Expo Returns In 2006

SecureWorld Expo returns expanding their series in 2006 to include two new cities - Chicago and San Francisco. In partnership with ISSA International, SecureWorld continues to provide affordable access to world class conference sessions, case studies, panel discussions and peer-to-peer roundtables. Network with hundreds of colleagues and get the latest security trends, IT and physical security convergence secrets, incident response tools, and more. Register Today with Code ISSA456 and SAVE $70 off the $185 Conference fee. For more, click here. SecureWorld 2006:

• Boston, March 15 - 16, 2006, Hynes Convention Center
• Philadelphia, April 19 - 20, 2006, Valley Forge Convention Center
• Atlanta, May 2 - 3, 2006, Cobb Galleria Centre
• Chicago, May 24 - 25, 2006, Navy Pier
• Detroit, September 19 - 20, 2006, Ford Conference and Event Center
• Seattle, October 10 - 11, 2006, Meydenbauer Center
• San Francisco, November 1 - 2, 2006, South San Francisco Conference Center
• Dallas, December 6 - 7, 2006, Dallas Convention Center

NEW! The ISSA Learning Center is Open

ISSA University-SiegeWorks University

ISSA and SiegeWorks are pleased to announce high quality, on demand security education and training courses exclusively for ISSA members! Local Chapters decide which courses they would like to sponsor for their membership, arrange for the venue and promote the course locally. SiegeWorks University trainers provide onsite training and Trainer the Trainer sessions for Chapters who request it.

Industry leading trainers, security luminaries as guest lecturers and top-quality materials!

Course Number Course Description Number of Days Notes

• IS1100 CISSP Preparation 5 No Test
• IS1110 SSCP Preparation 5 No Test
• IS1201 Wireless Security 5 Lab
• IS1301 Principles of Security 5 Lab
• IS1302 Advanced Security Concepts 5 Lab
• IS1401 Practical Penetration Testing 5 Lab
• IS1402 Building and Operating a Snort IDS 3 Lab
• IS1403 Computer Forensics 5 Lab IS1501 Web Application 2 Lab
• IS1801 Policy Writing 3 None IS1802 Incident Response 3 None
• CS1901 Sarbanes-Oxley Compliance 2 None
• CS1902 SB-1386 Compliance 2 None

Interested? Contact your local Chapter President or Education Coordinator to sponsor an ISSA SiegeWorks University course for your local members! Click here to request more information.

Trusted Learning's ISSA Learning Center

ISSA is working with Interpact, the Security Awareness Company to provide low-cost end-user training on a variety of topics, ranging from Security Awareness 101 to Identity Theft. Individuals can purchase courses or member organizations can open their own private learning centers and choose from a menu of existing courseware or upload proprietary training courses for their employees or customers. Visit the ISSA homepage and click the link for the ISSA Learning Center, enter the access code (sa101cEn) then register as a student, purchase the courses and then begin taking them immediately. Here is a list of the courses available today:

• Why Security Awareness? - FREE An overview of the need for Computer Security Awareness. This is targeted toward managers and executives who need the basics or a current update.
• Internet and Computer Ethics for Kids - $3 This Course is based upon Winn Schwartau's hit book by the same name. We teach our kids how to use computers, but not about when and what to do with them. What is right and what is wrong? Parents are too often clueless - the kids know more. What do we do? This Course.
• SA101 Humorous 2005 - $5 This is a short, non-technical 60 minute overview of Security Awareness - with an emphasis on keeping students entertained.
• SA101 Corporate 2005 -$5 This is a short, non-technical 60-minute overview of Security Awareness.
• Email Safety at Home and Work - $5 Learn how to avoid viruses, worms and spyware trying to get into company and home computers through e-mail, Web sites and IM applications.
• ID Theft - $5 Learn what your identity information is, where it resides, how it gets exposed, how thieves steal and abuse identities and how to protect your identity information from theft.
• Social Engineering at Work and Home - $5 There are infinite ways scammers convince us to give over private information on the phone, Internet and in person. Learn how to recognize common techniques and antics of these scammers so you won't fall victim to them.
• SPYWARE - $5 Learn how Spyware gets onto computers and what it does - like logging keystrokes and bogging down computers and networks. Then learn what you can do about it.
• Viruses Protection at Work and Home - $5 This course will show employees how viruses and worms spread, the damage they cause, and the steps they should take to protect their work and home computers from getting infected (and how to remove viruses or worms if they do).

Upcoming Conferences & Discounts

TRISC, Texas Regional Infrastructure Security Conference, 2006 Conference - Houston, TX

May 15 - 17

Sharing Experience and Knowledge to Strengthen Security Conference Objectives: Provide an annual educational and networking event that will enhance the knowledge, skill, and professional growth of the conference alliance members and other attendees. TRISC involves individuals in: national, state or local governments; institutions of higher education; private and public businesses. The conference offers attendees a unique forum for the discussion of topics that are of mutual interest to security professionals in the areas of information, infrastructure, and facilities.

Tracks

• Law & Forensics
• Cyber Security
• Business Continuity & Disaster Recovery
• Risk / Security Management
• Infrastructure Protection/SCADA
• Physical Security

Registration Fees

Early Registration After April 15

• Members $299.00 $399.00
• First Responders $3200 $4200
• Non Members $399.00 $499.00

For information on registration, exhibits, and sponsorships, contact:TRISC 2006
c/o Swift Solutions
8701 Bluffstone, #2308
Austin, Texas 78759
Phone (toll-free): (877) 451-8700
Fax: (866) 498-6527
Email: debswift@swift-solutions.org
For on-line information and updates, visit: http:/www.trisc.org/
Hyatt Regency Hotel: http:/www.houstonregency.hyatt.com
(Ask for special TRISC attendee rates)

Information Security Professionals - earn your NSA certifications. Training so good, we teach the competition!

There's only ONE WAY to get your NSA certifications, and that’s by attending an NSA sponsored IAM/IEM course. Learn the NSA way of assessing your organizations security posture and conducting security evaluations of networks utilizing hands-on methodologies. ISSA members receive discounts up to $500! *U.S. Citizenship required* Learn more at: http:/www.fountainheadcollege.edu/ia/nsa/

ID Management 2006 Summit & Technology Showcase

March 7-8, 2006
Venue:
Tumbalong Rooms & Foyer,
Sydney Convention & Exhibition Centre,
Darling Drive, Darling Harbour, Sydney NSW 2000 The ID Management Summit 2006 aims at bringing together the users and suppliers of ID management solutions and technology to discuss business and government initiatives, latest trends and developments, large scale deployments, partnerships & alliances, developing standards, new applications, new business opportunities and future direction. For full conference details and to register please visit ID Management 2006 website.

Join | Association | Members | Chapters | News | Resources | Sponsorship

Copyright ©2008, Information Systems Security Association, All Rights Reserved.

Privacy Policy | Copyright Information