Home Site Map Log In Contact
Hot Topics

ISSA E-News

A bi-weekly publication from the ISSA International Board

July 13, 2006

In this Issue

ISSA HQ Transition Update

As you likely know by now, the ISSA Headquarters has been undergoing a transition to in-house management and operations. We are now managing the ISSA web site, eNews, magazine publishing, and all chapter & member relations ourselves. Certain member services are being rolled out in stages; make sure you check out our upDated transition FAQ page for the latest information.

ISSA Journal July edition is online

The July edition of the ISSA Journal is now online and available for your reading pleasure: http:/www.issa.org/current-ij-toc.html

Due to some issues related to the HQ migration, some of you may experience a slight delay in receiving the print version for this month. Check out the great articles about security certifications, contingency planning, two-factor authentication and much more!

Black Hat Offer To ISSA Members - Time is running out!

Attend the Black Hat Briefings & Training USA, July 29 - August 3 in Las Vegas, the world's premier technical event for IT security experts. Featuring 36 hands-on training courses and 10 conference tracks, networking opportunities with over 2,500 delegates from 40+ nations. ISSA members receive a $100 Briefings discount by inserting BH06USAASSOC in the box marked “Coupon Codes” on the web registration page, shown on the final invoice.

Mark your calendar for the July 26 ISSA e-Symposium

e-Symposium 2006

The ISSA is delighted to continue the ground-breaking series of 1-day online conferences, entitled "2006 ISSA e-Symposium Series". The e-Symposia are designed to facilitate the knowledge sharing and gathering amongst our international members and within the global information security community as a whole. Building on the highly successful IT Security e-Symposium, each e-Symposium features interactive, live presentations and round table debates by the world's leading information security experts. Access is free of charge to ISSA members with a special code and anyone with a PC, an internet connection and a soundcard can attend from the convenience of their office. Other useful tools during the live events include Q&A, web-based chat and a message board.

The next e-Symposium is on July 26th, is focused on Emerging Threats and Response and features a stellar roster of global security experts. Register Now free of charge with your special code: B99731, http:/www.e-symposium.com/members/issaetr2006.php.

Carnegie Mellon CYLAB Technology Leadership Course – Time Sensitive Offer

Editor’s note: the ISSA has negotiated a significant discount on this educational program. If you are on a management track in your career, this is a unique program worth considering.

The Technology Leadership Essencials course will prepare talented technology executives like you to communicate and operationalize your organization¹s business strategy through technology.

Technology Leadership Essentials was co-developed with Carnegie Mellon CyLab, a multidisciplinary initiative at one of the world’s premier IT research and education universities and Tatum, the nation’s largest executive services firm specializing in technology and finance.

Middle-Market Focus

  • This partnership produced an innovative yet practical 12 module course taught over six months that serves the unique training and development needs of middle market technology leaders like you.
  • The course emphasizes the business skills and strategic decision-making needs of the modern day CIO.
  • The curriculum was developed with the understanding that rapid growth of middle-market organizations provides a unique set of challenges. This course is designed to prepare technology leaders to meet these challenges.
  • The courses will be taught by CIOs with an average of 15+ years of operational experience, primarily in middle-market organizations.

CPE/Continuing Education Credits

ISC2 will count Technology Leadership Essentials courses toward CPE credit for the following designations: CISSP, SSCP, CAP, and ISSEP concentrations.

Who Should Participate?

CIOs, CTOs, CSOs, VPs and Directors of IS/IT, and other senior technology officers who take this course will develop and hone the skills necessary to meet the new challenges of the profession.

Where is the Course Offered?

The Technology Leadership Essentials course will be offered in 35 major markets in the U.S. starting in late September 2006. Classes will run in a Friday and Saturday format one weekend per month for six months.

  • Program begins on September 22, 2006 for the following cities: Atlanta Detroit Philadelphia Boston Houston Phoenix Chicago Los Angeles San Francisco Cleveland Miami Seattle Dallas Minneapolis Tampa Denver New York City Washington, D.C.
  • Program begins on September 29, 2006 for the following cities: Austin Louisville Raleigh Baltimore Memphis Sacramento Charlotte Nashville SanAntonio Columbus Orlando San Diego Hartford Pittsburgh St. Louis Las Vegas Portland

Graduate with the STRATEGIC, BUSINESS, and TECHNICAL skills you need to excel as a technology leader.

Special Savings for ISSA Members

ISSA members are entitled to a $400 discount off the list price of the program. Those entitled to this discount should enter the word "ISSA" when prompted for an ID code at theregistration site. This discount is available until July 30th.

For more information or to enroll in the Technology Leadership Essentials program, visit http:/www.inc.com/techessentials/, call 800-248-0308, or email inctechleadess@inc.com.

SC Webcast features the President of the ISSA: Overcoming the Compliance Conundrum

CSOs must comply with a bevy of regulation. A main objective for many IT security professionals is discovering ways to leverage the work that goes into meeting just one of these manDates to apply to another so that compliance efforts are not duplicated. But what steps must they take to
ensure that they're not constantly re-creating their workload as they attempt to meet each manDate? Paul Kurtz, Executive Director of the Cyber Security Industry Alliance, and Dave Cullinane, CISO of Washington Mutual, Inc and President of the ISSA provide their expert advice with Illena Armstrong, Editor-in-Chief, SC Magazine moderating.

Webcast is on Thursday, July 27, 2 pm EST/11 am PST

Register today for this free webcast: http:/H-SC.dk10.net/r/?ZXU=270239&ZXD=27475667

The ISSA Learning Center is Open

ISSA University-SiegeWorks University
ISSA and SiegeWorks are pleased to announce high quality, on demand security education and training courses exclusively for ISSA members!

Local Chapters decide which courses they would like to sponsor for their membership, arrange for the venue and promote the course locally. SiegeWorks University trainers provide onsite training and Trainer the Trainer sessions for Chapters who request it.

Industry leading trainers, security luminaries as guest lecturers and top-quality materials!

Course Number Course Description Days Notes

  • IS1100 CISSP Preparation 5 No Test
  • IS1110 SSCP Preparation 5 No Test
  • IS1201 Wireless Security 5 Lab
  • IS1301 Principles of Security 5 Lab
  • IS1302 Advanced Security Concepts 5 Lab
  • IS1401 Practical Penetration Testing 5 Lab
  • IS1402 Building and Operating a Snort IDS 3 Lab
  • IS1403 Computer Forensics 5 Lab
  • IS1501 Web Application 2 Lab
  • IS1801 Policy Writing 3 None
  • IS1802 Incident Response 3 None
  • CS1901 Sarbanes-Oxley Compliance 2 None
  • CS1902 SB-1386 Compliance 2 None

Interested? Contact your local Chapter President or Education Coordinator to sponsor an ISSA SiegeWorks University course for your local members! Click here to request more information.

Trusted Learning's ISSA Learning Center

ISSA is working with Interpact, the Security Awareness Company to provide low-cost end-user training on a variety of topics, ranging from Security Awareness 101 to Identity Theft. Individuals can purchase courses or member organizations can open their own private learning centers and choose from a menu of existing courseware or upload proprietary training courses for their employees or customers.

Visit the ISSA homepage and click the link for the ISSA Learning Center, enter the access code (sa101cEn) then register as a student, purchase the courses and then begin taking them immediately. Here is a list of the courses available today:

  • Why Security Awareness? - FREE An overview of the need for Computer Security Awareness.
    This is targeted toward managers and executives who need the basics or a current upDate.
  • Internet and Computer Ethics for Kids - $3
    This Course is based upon Winn Schwartau's hit book by the same name. We teach our kids how to use computers, but not about when and what to do with them. What is right and what is wrong? Parents are too often clueless - the kids know more. What do we do? This Course.
  • SA101 Humorous 2005 - $5
    This is a short, non-technical 60 minute overview of Security Awareness - with an emphasis on keeping students entertained.
  • SA101 Corporate 2005 -$5
    This is a short, non-technical 60-minute overview of Security Awareness.
  • Email Safety at Home and Work - $5
    Learn how to avoid viruses, worms and spyware trying to get into company and home computers through e-mail, Web sites and IM applications.
  • ID Theft - $5
    Learn what your identity information is, where it resides, how it gets exposed, how thieves steal and abuse identities and how to protect your identity information from theft.
  • Social Engineering at Work and Home - $5
    There are infinite ways scammers convince us to give over private information on the phone, Internet and in person. Learn how to recognize common techniques and antics of these scammers so you won't fall victim to them.
  • SPYWARE - $5
    Learn how Spyware gets onto computers and what it does - like logging keystrokes and bogging down computers and networks. Then learn what you can do about it.
  • Viruses Protection at Work and Home - $5
    This course will show employees how viruses and worms spread, the damage they cause, and the steps they should take to protect their work and home computers from getting infected (and how to remove viruses or worms if they do).