Kevin Richards is an information risk management advisor with over 18 years of experience in information security, business continuity, and enterprise risk management. Kevin’s expertise ranges from risk analysis and program design to information security and business continuity program development and leading practices. Working with large multi-national commercial organizations, as well as the United States Department of Defense (DoD), Kevin provides an array of technical and practical perspectives on building and protecting an organization’s critical information assets.

Qualifications:

• Kevin is an Executive in Crowe Horwath’s Risk Consulting practice. Prior to Crowe, Kevin led the information security and business continuity service lines for Ernst &Young’s Midwest Sub-Area, and served as the midwest business continuity champion for E&Y’s global business continuity network.
• He is a frequent speaker at national and international security and IT conferences, covering various topics, including web application security, business continuity/disaster recovery, identity management, wireless security, intrusion detection and incident response, and information security leading practices.
• Kevin is active in promoting information security best practices throughout the industry. Currently, he serves as the International Vice President for the Information System Security Association (ISSA) International Board, as well as serving as a chapter advisor and former President for the ISSA Chicago Chapter.
• He participates in the FBI’s InfraGard program to assist in bridging the gap between the public sector and commercial sector information security best practices.
• Kevin was a founding member and active advisor for the Alliance for Enterprise Security Risk Management— an alliance among the ISSA, the Information Systems Audit and Control Association (ISACA), and ASIS International that works to bridge the gap between information and physical security.
• Kevin has published articles on a number of information security topics and is a regular contributor to monthly security periodicals.
• Kevin has a B.A. in marketing from Michigan State University. He is a Certified Information Systems Security Professional.
• He assisted in drafting the ISSA’s official response to the White House’s Critical Infrastructure Protection Board on the National Strategy to Secure Cyberspace.

Statement of Goals:

Dear ISSA Members,

It has been a great pleasure serving as your International Vice President over the last two years. Over that time, we have seen exciting improvements in the ISSA. We’ve seen membership grow to nearly 10,000 members, our world-wide chapter organization has grown over 20% in the last 2 years (140 strong), and I was fortunate to lead the creation and initiation of the Chapter Presidents’ Advisory Council – which had its first meeting last year (July 1, 2008). I’ve championed other significant efforts like negotiating significant discounts for ISSA members to (ISC)2 branded training events and the memorandum of understanding between the ISSA and ASIS International. Most importantly, though, I’ve been able to help our members and chapters realize true value by being an ISSA member – through world-class education, participating in a global network of information security professionals, and contributing to the greater information security community.

Looking forward, it is clear that we need to do more. We need to lead the information security community through innovation and collaboration. Our members are leaders in the information security profession – the ISSA needs to provide the vehicles to allow each member to contribute, to learn, to collaborate, and to achieve goals. My next term will continue to focus on maximizing the value of being an ISSA member:

• through the development of rich collaboration tools,
• by developing and partnering to provide industry leading training,
• by creating opportunities to allow our members to share their ideas,
• by negotiating strategic relationships with industry peers, and
• by identifying significant discounts for ISSA members.

I have been fortunate to be a part of the ISSA – both on a chapter and international Board level. My experiences on the Board (at both levels) provides perspectives on balancing the needs and wants of our membership with the business of running an association dedicated to providing value to the information security practitioner. Those experiences will serve as the foundation for decisions made on your behalf.

The ISSA plays, and will continue to play, a critical role in crafting the future of the information security profession. Our global membership gives us a unique and valuable set of insights on protecting our companies, our countries, and our families. As your continuing Vice President, I will dedicate my efforts to continue making the ISSA membership valuable and important to information security community, and help ISSA continue to be the Global Voice of Information Security.

It has been my pleasure serving as the ISSA International Vice President over the last two years, and I look forward to your support and serving you moving forward.

Pamela Fusco has accumulated over 23 years of substantial experience as an Information Security and Risk Management expert. Her extensive background and expertise expand globally encompassing numerous facets of enterprise and business security initiatives inclusive of logical, physical, personal, facilities, systems, networks, wireless, compliance and auditing, risk management, forensic analysis and investigations.

She was an initial founder of SAFE Bio Inc. and a strategic player in the formation of the company as well as serving on the BOD, developing, collaborating and supporting legally binding non-repudiation, inter-operable identity management in support of the healthcare and Pharma industries. She resided on the US Presidential White House Inaugural Staff, and has held prestigious positions as the Chief Security Officer, for Merck & Co., Inc., Digex Inc, MCI Security Solutions and Executive Vice President, Global Information Security, at Citigroup. Currently Pamela is a Director, serving on the ISSA International Board of Directors, contributing author and founding member of the Cloud Security Alliance (CSA)

Fusco has cultivated world wide security platforms with key methodologies, business practices and technologies and further designed, implemented and executed Systems Security Operations, Architecture, Policy and Compliance, Executive Steering boards and organizations. Technically astute, Pamela developed robust and cost effective intrusion detection devices, real-time analysis tools; automated systems and application security patch configuration processes and launched a security collaboration inspection engine. This combined with the responsibility of corporate governance and authoring policies, standards, ensuring the vast business requirements of customers and corporations in the healthcare, finance, retail, government, education and manufacturing arenas are met 24-7-365 have moved Pamela to top levels within the industry. She was recognized for her strategic and collaborative practices and achievements and awarded the Executive Women of influence award for 2006. Her passion for the industry is recognized world wide and her ability to navigate and collaborate on multiple aspects led to her appointment on the University of Advancing Technologies (UAT) Executive Advisory Board where she is influencing the Universities 28 plus undergraduate and graduate Technology and Information Security degreed curriculums, attesting to and investing in our future security professionals to ensure that they are well versed to meet the evolutionary demands of the world. She continues to contribute to the development and enrichment of the industry as a thought leader, change agent, pro-bono activist in support of international standards, instructor and facilitator of and for higher education, R&D consortiums and forums.

Prior, Pamela was an Intelligence analyst and information security lead for EDS where she initiated security operations for a world wide government network center. Previous to EDS, she was a Cryptologist where her focus was supporting security proceedings for government and national intelligence and SPECOPS (special operations). She has been bestowed with numerous honor awards, achievement and commendation medals, a Presidential Citation and is a Veteran of War.
Ms. Fusco is certificated and accredited as a CISSP, CISM, CHS Level III, National Security Agency INFOSEC Assessment Methodology Auditor (AIM Auditor), National Cryptologic School Adjunct Faculty Certified Instructor (NSA/CSS/NCS), she holds an MS in Information Management and a Doctorate of Technology, is a facilitator and mentor for Carnegie Mellon University‘s Cylab and InfoWorld’s Monthly Technology Panel, is a Delegate for Policing Cyberspace International, Chinese Prosecutors Society and the Presidential Commission on Critical Infrastructure Protection (CCIP), International.
She is an active member of the Council of Advisors, American Health Information Management Association (AHIMA) and the Healthcare Information Management Systems Society (HIMSS), American College of Forensic Examiners Institute, Global, Chief Information Officers Executive Forum, Information Systems Security Association (ISSA), Computer Security Institute (CSI), Information Systems Audit and Control Association (ISACA), resides on the Founders Board for the Executive Women’s Forum (EWF), Charter Member of Women in Technology International (WITI) GEN, an internationally elected officer on the Board of Directors of the ISSA International, Task Force member in the evaluation of ISC2’s CISSP and CISM certifications, Founding Member of RSA’s Executive Security Action Forum (ESAF), Chairman of the Executive Advisory Council for Securent (acquired via CISCO Systems), Debix, and Neupart. She is well known within the speaking circuit as her business acumen and immense security and risk management experience and expertise identify her as an internationally renowned expert and key note speaker at industry symposiums and foremost events.

Goals and Objectives:

For the previous 2 years I have proudly represented and served on the ISSA International Board of Directors as Director. The Information Security Profession is exceptionally rewarding, compelling and ever evolving and it is my strong aspiration to continue to propel the goals and objectives of our ISSA members by continuing for an additional two year term on the ISSA International board, as the Chief Financial Officer (CFO). I have immense pride for our industry and attest to the ethics and diligence of the ISSA as an involved and active representative with over 23 years of international experience.

If I am so honored as to be re-elected to the ISSA International Board of Directors, and represent our members as the Chief Financial Officer (CFO) I pledge to:

• Ensure intimate knowledge of the organizations financial objectives and initiatives; communicate decisions, identity expected goals and potential impacts of decisions regarding financial investments in support of our global members.
• Enlist collaborative forums, agendas and summits to gather member input, recommendations and suggestions in support of our global efforts.
• Communication with, listening to and acknowledgment of ISSA members and representatives, is essential in understanding the true value you require from your ISSA membership. The outlay and benefits associated with programs and agendas are not always obvious, thus understanding how development, deployment and implementation activities merge with specific programs will be clarified and justified, supporting and sharing a unified understanding of the economics of the ISSA International programs and activities on a global level, to ensure increased membership value, timely response, garner participation and establish ROI of your membership currency; addressing questions and areas of interest such as: “If we double the size of a program, will that increase our economies of scale or make the program unsustainable and diminish our members trusted relationship? If we replicate a program, what’s the implication for overhead?” Being in the unique position of the ISSA CFO, understanding and knowing what our member require enables the CFO to identify resources affiliated with where we are now and ascertain what assets and commitments are required to support where we have agreed want to be in “x” timeframe. Continuously identify meaningful avenues to fulfill the Information Security mission of advocating for members and practioners, enhancing the basis of our profession via education and research, and strengthening our profession via industry alliances and affiliates. Bringing to our members a broad and practical venue of opportunity, knowledge transfer and networking.
• Engage members and openly encourage participation and representation in programs, conferences and events. Expand and provide extensive analysis of the products and services that the ISSA provides and/or should provide to you. Ensure that your membership is a very wise investment with the opportunity for you to leverage discounts on the cost of industry related goods and services. This is only possible through the collective pool of members supporting our organization.
• Reward you for your dedicated membership, by offering additional and continuing valuable member benefits, increase and enhance leadership development opportunities and professional development via speaking and journal opportunities, whitepapers, metrics and reporting templates, getting you our members engaged in designing the ISSA strategic vision, obtaining buy-in, establishing a collaborative membership that transforms and transcends our industry from within our community, recognizing the value of your knowledge, experience, identifying community and leadership development needs collectively
• Identify and provide access to leadership development opportunities and resources outside the scope of individual programs. Expand the influences and existence of the ISSA International’s global organization, continuously remain committed to implementing global opportunities for all members and cultivate programs which enable our members to participate in international programs supported by the ISSA and respected industry affiliates, colleagues and partners.
• Make certain of improved collaboration and timely communication among the International board, our members and resources.
Solicit external firms and organizations to grow the Information Assurance educational programs, internship opportunities and scholarships.
• Provide support and guidance in the synchronization of events, commitments and summits. Attend chapter meetings to restate the Boards commitment to our organization.

Vern has over 30 years in Information Security starting with his responsibilities in the US Navy Submarine Force where he obtained a Masters Degree in Information Systems and served as the Executive Officer for a command recognized for excellence in providing training for Submarine crews and support for Submarine deployments and as a Network Engineer and Instructor at the US Naval Academy.

Since retiring from the Navy, he has worked for several companies starting with VP of Operations for GroundStar, a small computer consulting and staffing company followed by working as a Senior Information Engineer for Logicon working on the Southwest Boarder Anti-Drug Information Network with the US Department of Justice and the Texas Department of Public Safety where he obtained both the Certified Information Systems Security Professional (CISSP) and the Certified Business Continuity Professional (CBCP) certifications. He worked for Spohn Consulting as a Security Course Developer and Instructor and as a Security Consultant and during this time, he obtained the Cisco CCNA and CCDA certifications. Currently, Vern is employed by SAIC as a Security Architect working on Cloud Computing and has served as a Senior Security Architect for the IRS, an Applied Enterprise Architect for the Veterans Affairs Home Telehealth program and he provided oversight to the software development process with respect to federal security requirements. Additionally, over the last few years, Mr. Williams has distinguished himself as a Senior Member of the IEEE, serving as Secretary of Standards Coordinating Committee 38, Voting Systems Standards and Chair of the P1583 Security Sub Committee. He completed certification as a Certified HIPAA Security Professional (CHSP), a Project Management Professional (PMP), an Information Systems Security Engineering Professional (ISSEP) and as a Certified Secure Software Lifecycle Professional (CSSLP) during the time with SAIC.

Vern is a participant in Metricon and in the dissertation phase of a Doctoral Program focused on Security Metrics at the University of Fairfax and is due to complete the program in 2010. He has also demonstrated leadership as the Chair of the Local Austin ASIS chapter for 2007 and founding President of the local USAFA Parents Association and is the Liaison for ISSA International with ISO. As a spokesman for Information Security, has been a presenter at many conferences including the National Veterans Affairs IT, Platt’s IT Compliance, IEEE Annual Regional, Regional IIA, ConSec nearly annually, TRISC since its foundation, Federal Information Assurance Conference, and many others. A recent theme has been applying the lessons of engineering to the security profession to avoid repeating the mistakes of the past. A strong advocate of developing balanced security professionals with leadership, formal education, hands on experience and certifications in their portfolio.

ISSA: Vern has been active with ISSA since 1998 serving as the Secretary / Director of Operations for 2008-2009, recognized as the ISSA International Security Professional of the Year in 2005 and enrolled in the ISSA Honor Roll in 2007. In his role on the ISSA International Board, he has actively managed the daily operations and relationship with the ISSA management company, developed an ISSA Senior Member and Fellow Program, encouraged mentorship for ISSA chapters and fostered closer relationships with ASIS International, ISC2, IEEE and ISO. He has been a strong advocate for increasing ISSA International exposure and participating in regional conferences to a larger extent. He served with distinction as the President of the Capitol of Texas Chapter of the ISSA, providing vision and excellent leadership to the chapter and remains an active participant in the local chapter as an ex-officio board member. He established and was Lead Instructor for several years for a CISSP preparation course at the local community college that has been running for over 6 years. Vern recognized the need for a conference bringing the physical and information security and audit together to deal with Enterprise Risk and initiated the Texas Regional Infrastructure Security Conference (TRISC) in 2005 and was the Steering Committee Chair and a speaker at for the 5 annual TRISCs.

Goals and Objectives:

If elected to the role of ISSA International CFO / Treasurer I resolve to commit to the following actions:

• Develop revenue sources to enable ISSA International to grow significantly
• Provide fiscally sound management of ISSA International’s resources
• Enhance ISSA International’s global influence and recognition
• Assist local chapter to develop revenue streams that can enhance their ability to provide education and services to their members
• Encourage chapter members and leadership input to the decision-making process of the International board
• Improve the effectiveness of the ISSA International Board in meeting the goals of the organization and providing valuable services to the membership
• Strengthen existing relationships with international security-related organizations
• Enhance formal relationships with other international security-related organizations including standards development organizations such as IEEE and ISO
• Strengthen the relationship between ISC2, ISACA, ASIS, ACP and ISSA in addressing the Risk Management issues facing organizations and nations
• Support the expansion of Information Assurance education programs at colleges and universities and increase awareness of those currently available to ISSA members including educational scholarships.
• Develop sources of scholarship funding for ISSA International Members in obtaining advance degrees and certifications in the information assurance arena
• Cultivate opportunities for myself and other board members to speak at ISSA regional and local events and conferences
• Support the coordination of chapters to conduct regional conferences focused on expanding the recognition of ISSA as the Global Voice of Information Security Professionals

Nathan is Network Security Manager for Continental Airlines. Nathan was one of the founding members of the Oklahoma City Chapter of ISSA, serving as its first Secretary and then as the second President of the Chapter and has also served as Secretary for the Oklahoma InfraGard chapter. As Network Security Manager for Continental Airlines, Nathan is responsible to assure that their global network is safe and secure.

Statement of Goals:

Collaboration is what is going to help us weather our current economic climate and can provide a great resource for the defense of our enterprises in the current cyber-skirmishes and future cyber-wars that will take place on the Internet.  I believe that ISSA is a great mostly untapped resource we all have available to as a valuable weapon in our arsenal.  I believe that with your support, I can help bring those resources out and can help make ISSA more valuable for all of our members. 

I would like to implement a secure information sharing portal where our members can collaborate on their issues at hand in securing their enterprises.  This portal should be a secure place where our members ONLY can find other members that may be experiencing or may have experienced similar issues.   The bad guys have their portals for sharing, why shouldn’t we. 

I also want to increase our training and provide our members with valuable and timely information on current threats and how we can successfully combat those threats.  Our members are a valuable resource of information.  I believe that many of our members would jump at the chance to provide some short, point training that they find useful.  Many of our lessons learned can provide some great training opportunities to those who are just getting into the profession.

Pete Lindstrom is Research Director for Spire Security, an industry analyst firm providing analysis and research in the information security field. In his previous position as a security architect, Pete operated as the deputy to the chief information security officer for Wyeth Pharmaceuticals. In that role, he oversaw all security policy and compliance activities and participated on project teams for designing security controls for significant IT projects. In addition, he provided design and support to the identity management functions. As both an external and internal auditor (for Coopers and Lybrand and GMAC Mortgage), Pete provided breadth and depth to roles that linked technical security requirements of organizations with business risk for companies in health care, financial services, manufacturing, and higher education.

Currently, Pete conducts research in developing areas of information security. He is well-known for his work in practical enterprise security metrics, where he has advised and taught many security professionals. On the technical front, his most recent accomplishments include research findings in the areas of Web 2.0, virtualization, and cloud computing security. This research ties traditional security principles and practices to these burgeoning new IT arenas.

Pete is a frequent speaker and writer on information security topics. He has been a columnist in both the ISSA Journal and Information Security Magazine. He has a finance degree from the University of Notre Dame and is a Certified Information Systems Security Professional (CISSP).

Statement of Goals:

Thank you for the opportunity to express my goals in the Director of Operations role for ISSA International. In my career and as an advisor to many security professionals, I have had ample opportunity to travel around the world and speak with many of you about the state of information security today. These conversations with junior security analysts through chief information security officers are always enlightening and useful when contemplating a role that intends to represent the members in a valuable way. I have long been struck by the broad variety of views regarding both our profession and the ISSA itself.

Regarding our profession, I am compelled to look for ways to further our understanding of risk management in information security through the development of professional networks, broad dissemination of both factual and analytical information, and interaction with disparate but connected entities in industry, law, and government. In a broad sense, I would like to strengthen our profession by encouraging thoughtful debate around issues such as applying scientific methods to address existing beliefs, facilitating an understanding of risk within business, and defining the role of government and other bodies within the risk and security arena.

Regarding the ISSA, I would like to continue the process of optimizing value to members. Our journal and website are well-developed but need more activity. We have good name recognition around the world, but little influence in public debate around information security. There are many alternative organizations being created that may be beneficial as partners or that indicate a gap in the services the ISSA provides.

My goal as Director of Operations will be to find small ways to improve the ISSA overall. This means refocusing activities that show little value to members into those areas that provide greater benefit. It involves providing opportunities to streamline the volunteer efforts required at the chapter level by assisting with websites, communications, vendor coordination, etc. It means learning and sharing information from robust chapters so that smaller, less active chapters can thrive.

At a professional level, I hope to participate on committees and organizing groups to address the issues of the day – security metrics, network security architectures in a de-perimeterized world, security vendor and product management, application layer security, risk and compliance, and other topics as they arise.

I would enjoy the opportunity to serve your needs in the fulfillment of a better ISSA. Thank you.

Mark Williams is a security professional with more than 20 years of experience. This experience is diversified both geographically, having worked on 5 continents, and across industries including government, aerospace, manufacturing and banking.

Having started in IT as a network administrator and architect, Mark has lived through the evolution of security from a concept that was rarely spoken about and even less understood, to a critical function in every organization using Information Systems today. He has a deep understanding of risk and compliance which, together with significant business experience, gives him a unique profile as a leader and manager of both security operations, and business management.

Mr. Williams has spoken at international events and symposiums, as well as delivering seminars across the globe. This international experience gives him a perspective that includes understanding issues and attitudes across many different cultures and borders. He believes in the value of security in IT and currently holds the title of Information Security Officer. Mark is credentialed as both a CISA and CISSP.

Giving back to the community is a big part of Mark’s life and work ethic. Whether sitting on volunteer boards and committees, teaching security related courses, or actively participating in the Phoenix chapter of ISSA as a member of the Board of Directors responsible for programs, he is a fervent evangelist for Information Security and the ISSA.

Statement of Goals:

I am standing for election to the ISSA  International Board as the Director of Operations.  My experience in security, as well as time I have spent with various non-profit organizations gives me a good foundation for serving our organization in this position.  I was privileged to be the founding chair for the ISACA chapter in Bermuda in the mid 90’s, and I currently serve as the Program Director for the ISSA chapter in Phoenix, Arizona.  From this position at a chapter level, I believe that I have a good understanding of what the chapters want the International Board to be and to do for them.

Over more than 20 years, I have worked in various positions relative to our profession.  I have also had the opportunity to work internationally in a number of EMEA countries and have a real and current understanding of the issues our profession faces outside the U.S.  This provides me with vision to include chapters outside the U.S.  Our profession is growing fast outside North America, and we need to be aware and attuned to the needs and wants of our members in these other regions.

ISSA must be the preeminent organization for security practitioners worldwide.  No other organization has as big a stake in the fortunes of the security profession.  If elected I will commit my time and efforts to making this vision a reality, through providing program direction and content that all chapters can use that is relevant to our industry, and that helps to enhance our reputation and build membership.

New, committed general members and Board Directors are key to moving our association forward.  A new sense of direction will help put the ISSA back in the spotlight as a Security Professional’s organization.  ISSA must be the first organization anyone thinks of when they think of a career in Information Security.  We need to support and define standards and best practices for our members, provide training and education for interested parties, and evangelize at every opportunity to grow our membership and make ISSA the first name in security organizations.

I believe that by doing these things, and by supporting students and new members in learning and experiential activities, we will be that premiere organization.  I look forward to making this a reality by serving you as your Director of Programs and I ask for your support to do so.

Platform:

Outreach:

At this time in our economy, there is unprecedented attention being paid to Information Security.  The reasons for this are many, the potential insider threat being the most obvious.  However, this fails to address the root cause that underlies this increased risk.

Over the past decade, Security Evangelists have been saying that the threat landscape is increasing.  Hackers have been getting better at what they do, and more threatening.

Our employees have been asked to do more with less as far as Security is concerned for some time.  The result is that we find ourselves under-resourced and underfunded at the very moment when we need our Security resources most.

ISSA must therefore reach out to all business groups and sectors as well as to government and other regulators to ensure that the best interests of the Security Practitioner Community are represented.  A knee jerk reaction to the underfunding and understaffing of Security over the past decade is not the answer that will mitigate future potential events of the same type.

Outreach needs to assist business with programs that develop workable security programs.  We need to train groups outside of “IT Security” as to the functions that overlap with their worlds (SCADA, Transportation etc.).

More than that we need to get into the community at large.  Why do our chapters not all have news papers and other media units calling them for comment on IT Security issues?  When was the last time a chapter did a presentation at a local school, senior’s home, or Chamber of Commerce?
We need to be out in the community.  To do that we need collateral that all chapters can use to create basic presentations, and “branded” information statements that reflect well on ISSA International.

Education:

With the surge in training courses at the tertiary level, we need to be cognizant of, and support those educational institutions develop and promote learning in Information Security.  All chapters need to be encouraging students to attend their meetings, at no cost if necessary.  These students are our future members, and the future of Information Security.

If they do not see ISSA as their organization of choice, we lose twice.  First we lose a potential member to another organization, which may or may not have the best interests of Information Security at the top of their agenda.  Secondly, we weaken our organization overall in the future.  Without sufficient membership, we will be unable to provide good quality, highly directed training and support for Information Security Professionals into the future.

ISSA scholarships and bursaries should be encouraged for all chapters.  The International Board should be working to make the liaisons happen and to cultivate relationships with educators and administrators.

Certification training is the second side of this coin.  All chapters should be encouraged to staff and run training courses for members and non-members for certification.  Baseline materials should be developed and provided to chapters to enable them to provide high quality, professional training to prospective certification holders.

As a recognized information security leader, Candy has in-depth experience in performing many aspects of information security which she obtained through the various information security roles she has filled in her 21+ years in the industry at companies such as Digital Equipment, Compaq Computer Corporation and Symantec. Candy is a past recipient of the ISSA Security Professional of the Year and ISSA Honor Roll.

Candy is often requested to present at various conferences. Her most memorable to date is the session at the United Nations where she was a featured speaker for the IT Security Symposium on September 11, 2003 and running in close second is an invitation she received to the Offices of the White House to speak on the importance of security awareness to the President’s Cyber-Czar staff.

In her ongoing commitment to “give back” and support the information security profession, Candy has volunteered as the 1st President of the ISSA Education and Research Foundation. Candy has also served as Vice President of Education and Vice President of International Relations for “ISSA” (Information Systems Security Association) at the International Board level. She remains heavily involved at the local level through her participation with the New England Chapter board and the ISSA-New Hampshire Chapter.

Candy is currently enjoying her position as CISO for a prime Federal contractor which enables her to establish and implement a Corporate Security Program in beautiful Portsmouth, New Hampshire.

Statement of Goals:

If elected as a director to the International Board, I will:

• Utilize my skills and leverage contacts obtained during my past tenure on the International Board such as motivating people to come together from diverse backgrounds and knowing who you can call on to help get the job done.
• Reach out to Chapters and members to understand their needs and work with fellow board members to meet those needs to ensure the value of membership to our association. Use innovation and creativity to provide for fresh solutions to old problems.
• Identify ways to grow the youth of our profession to ensure the transfer of knowledge and that the legacy remains with our profession - through our Chapters, training, and networking opportunities.
• Look for ways to enhance the knowledge transfer of our members to provide well-rounded, educated and informed professional leaders.
• Provide the means for ISSA to maintain association leadership through partnerships with like-minded organizations.
• Increase ISSA’s brand recognition to the level of “when the world hears “information security”, the world thinks ISSA”.
• Ensure that ISSA remains an organization we are all proud to be members of and others would want to become members of.

I hold a Ph.D. in Business Administration specializing in Information Systems from The University of Texas at San Antonio, and the degree Electrical Engineer from the Naval Postgraduate School in Monterey California. I am an Assistant Professor in the College of Technology at the University of Houston, in Houston TX and a member of both the Alamo Chapter in San Antonio and the South Texas Chapter in Houston. I serve as a member of the Education Committee for the South Texas Chapter.

My academic background is associated with the application of information security and the nation’s critical infrastructures. Formerly the Technical Director for the Center for Infrastructure Assurance and Security at The University of Texas in San Antonio, I have also served 10 years in the US military and 10 years in the financial services and manufacturing industries. I have presented papers at industry and academic conferences and am the author of numerous papers on information security and co-author of four books.

Statement of Goals:

I believe in leverage – working with others to expand presence and opportunity and the value of communication.

• Grow Membership
• Other professional societies have grown by “growing their own members” through student chapters and tiered member grades. We can replicate this in ISSA, increasing membership numbers.
• Partner with educational institutions, develop student chapters, and expand the education of our next generation of membership by mediating industry-education partnerships.

• Make Membership More Valuable
• Find ways of “giving back” to the membership, increasing the value of membership. Access to useful information, such as standards, is one way that ISSA International can improve value.
• Local chapters have worked together to develop successful programs, strengthening the value to their membership. This is a local action that can be replicated across other chapters.

• Leverage point: Make our society should be the source of information for information security professionals.

Our industry is growing and changing. I believe that ISSA must remain flexible and focus on remaining the source of actionable information from the wide range of constituencies we serve. The International Board can provide the leadership that supports local growth, provides resources and communications that enhance local offerings, and operationalizes the concept: Make membership valuable.
Bio
Wm. Arthur Conklin holds a Ph.D. in Business Administration, specializing in information systems from The University of Texas at San Antonio, and the Electrical Engineer degree from the Naval Postgraduate School in Monterey, California. He is an assistant professor in the College of Technology at the University of Houston, in Houston, TX and a member of both the Alamo Chapter in San Antonio and the South Texas Chapter in Houston, serving as a member of the Education Committee for the South Texas Chapter. His academic background is associated with the application of information security and the nation’s critical infrastructures. Formerly the technical director for the Center for Infrastructure Assurance and Security at The University of Texas in San Antonio, he has also served 10 years in the U.S. Navy and 10 years in the financial services and manufacturing industries. He has presented papers at industry and academic conferences and is the author of numerous papers on information security and co-author of four books.
I ask for your vote.

Director, International Board of Directors, ISSA International
Advisor, ISSA Editorial Advisory Board
Advisor, ISSA CISO Executive Forum
CISSP
Bay Area InfraGard Member
Director-At-Large, Silicon Valley ISSA Chapter (1 year)
Past-President, Silicon Valley ISSA Chapter (3 years)
Past Vice-President, Silicon Valley ISSA Chapter (1 year)
Past Communication Director, Silicon Valley ISSA Chapter (1 year)
Past Membership Director, Silicon Valley ISSA Chapter (2 years)
Founding Member, Silicon Valley ISSA Chapter
Past Member, San Francisco ISSA Chapter

I am in my second year on the ISSA International Board and look forward to serving another two year term. I am the board representative on the ISSA Editorial Advisory Board and involved in several of the strategic initiatives designed to increase value to the international chapter members.
I have been an active member of the ISSA for nearly 12 years. As I founding member of the Silicon Valley Chapter, I have enjoyed serving the Silicon Valley Chapter membership for the past 8 years as Membership Director for 2 years, Communications Director for one year, Vice President for one year, President for 3 years, and as Director-At-Large for the past year.

I participated on the Silicon Valley Chapter Annual Conference committee for the past 7 years, originally assisting and for the past 5 years running the Vendor Relations portion of the conference. We have steadily increased our Vendor participation to over 35 companies. The Cornerstones of Trust Conference (current name) has been a local Northern California success and focuses on bringing value to our membership by delivering a top-notch security conference at a very affordable price. We have generated $15,000 to $25,000 per event spread across the 3 organizations to help fund our annual activities and outreach programs. We have done this with the help of many members from the San Francisco Chapter and Bay Area InfraGard.

I established a monthly Silicon Valley Board Meeting to keep our chapter focused on delivering value to our members. Along with the board we created the Silicon Valley ISSA Outreach Program for giving back to the community. The main fund raiser for the Outreach program is the Silicon Valley Golf Classic. Heading sponsorship I helped raise more than $10,000 for the Outreach program. I guided the Silicon Valley Chapter board in developing a Best Practices Guide for each chapter board position, to help formalize roles and responsibilities and to aid newly elected board members. I developed a monthly power point presentation displayed during networking lunches to inform the chapter of upcoming events, education opportunities, website updates, job posting information, and international ISSA information.

CISSP since April 2005

Statement of Goals:

It is my ambition to help further the goals of the International ISSA by continuing for another two year term on the ISSA International board. I am an active voice with years of local chapter experience and will round out an already dynamic group of security professionals. If elected again as a Director to the International ISSA Board, I will dedicate my energies to growing the membership and focus the board on giving back to the chapters. The existing board has helped move the association forward and now is the time to leverage the foundation with a continued focus on the membership.

1) Grow existing chapter base thru the promotion and sharing of ideas and best practices. Focus on making every chapter a strong and vibrant chapter.

2) Guide decisions based on one question: “How will this help our members and our chapters?” I will continue to support the CISO Executive Forum and help grow the membership of CISO’s and CSO’s and value it brings to the industry.

I will help deliver a solution to the membership that allows our members to collaborate and communicate more effectively through the delivery of ISSA Connect. My plan as a director on the International Board is to help it meet the association’s goal of facilitating interaction and education to create a more successful environment for global information systems security and for the professionals involved. I served locally in the Silicon Valley ISSA Chapter for eight years. I have been a Chapter President, Vice-President, Communications Director, and Membership Director and have a good understanding of how the local chapters run. I have been an active member of the San Francisco Chapter and a founding member of the Silicon Valley Chapter for 10 years. I look forward to applying my knowledge and energies to the International Board. It would be an honor to continue to serve on the International board and I look forward to receiving your vote.

Sincerely,
Bill Danigelis, CISSP

Andrea received her initiation into the information security community when her hard work and dedication earned her the role of Assistant Venue Manager/Supervisor at the 1984 Summer Olympics in Los Angeles, California. This position exposed her to the information security field and ignited a passion that has made Andrea, arguably, one of the leading women in her profession. She has not only served as an advisor to the Pentagon, but in 1991 she received the Security Education Manager's Award, presented to her by a representative from the Pentagon, acknowledging her work in applying Continuous Process Improvements to the implementation of information security resulting in cost savings for both industry and Government. She has been involved in numerous committees in Washington, D.C., to establish national and international information security policies. Internationally she has assisted companies to establish policies and procedures that comply with the European Union Privacy Directive, the Data Protection Act of 1998, and the Wet Bescherming Persoonsgegevens (WBP) Dutch Personal Data Protection Act of 2000.

She has been consulted by various media outlets and conferences with speaking engagements and interviews on cutting edge security and compliance issues and uses these opportunities to further the growth of ISSA, by mentioning membership opportunities. Andrea’s commitment to education has driven her to create a nationwide “Chief Information Security Officer (CISO) Bootcamp,” which addresses best practices of security management and assists those that are given the “title” without the compensation and control to gain the positioning they deserve. Andrea’s leadership positions in information security and business continuity includes companies such as Fluor, Rockwell International, Boeing, McDonnell Douglas, Litton, and consulting to such as Pacific Life, Genentech, Hamni Bank, and East West Bank.

Andrea served her eighth term as President of the Orange County ISSA, where she had successfully tripled the membership in the first two years in office. Prior to that she served as Vice President and Program Director of the ISSA OC Chapter. At the international level, she volunteered with the first CISO Executive Forum Task Force sponsored by ISSA. This forum was established to bring together ISSA members that are CISOs, to give them an opportunity to network, share ideas, and improve upon their skills in this much needed executive role. Andrea also has served as a Presidential Advisor to ISSA International and represented the United States as a diplomat to China on eDiscovery and forensics.

Andrea has been Co-Chair and Chairperson of the ISSA SoCAL Symposium for over 7 years and enjoys sharing the lessons learned to help other chapters establish much needed funds for their meetings, training, and educational opportunities for their members.

She served on the Technical Advisory Board for RSA for 4 years and advised the International Board of Directors for PointSec/ProtectData of Sweden. She presently sat on the Board of Advisors for Encentuate, a global security identity management and provisioning company, leading to its successful acquisition by IBM (International Business Machines) in 2008. She presently sits on the Board of Advisors for the Association of Women in Technology (AWT) and would like to use some of the experiences she has to further ISSA International as the information security professionals’ association.

Andrea received a Masters of Business Administration from Pepperdine University in Malibu, California. Prior to that, she graduated Magna Cum Laude and was entered into the honor society of Beta Gamma Sigma (the Phi Beta Kappa of the School of Business).

Statement of Goals:

My reason and goals for running for a position on the Board is to support the growth of the ISSA as a true international organization with an overall goal to make decisions on what best supports the Chapters and individual members, no matter what level of position they may hold in an organization.

Goals which I feel will assist in this overall goal are:

• More assistance and collection of “lessons learned” for availability to other Chapters
• Develop or Negotiate discounts for ISSA members to high quality conferences and information security training
• Assist in the continuation of developing partnerships and alliances which will provide greater opportunities for local Chapters and members, especially during these economic times where costs divided can assist smaller Chapters
• Add balance and consideration for all Chapters needs, not just US based when making Board decisions
• Never forgetting how Board decisions can elevate or diminish the respect ISSA International needs to maintain as a professional not for profit organization

As a past Presidential Advisor on the ISSA International Board, as well as a CISO Executive Forum Task Force founding member, and ISSA Orange County Chapter President for over 7 years, I hope you find it in your heart to allow me to bring the voice of yourself and the many ISSA members I have listened and worked with over these years to the Board.

Mr. Noble has 18 years of specialization in Information Security and is currently an Information Assurance (IA) Principal at the MITRE Corporation.  Mr. Noble led the IA Assessment and is currently responsible for developing the IA program strategy for DHS ICE.

Prior the MITRE, Mr. Noble served as the Chief Information Security Officer at the Federal Communications Commission where he was responsible for developing and managing the FCC’s information assurance strategy and program.  Mr. Noble coordinated all Information Assurance compliance audits for IT systems to ensure they meet GAO, OMB, OIG audits for FISMA.  Mr. Noble was the lead for DRP coordination. 

Prior to this, Mr. Noble was on the staff of the Associate Director, Management & Operations, Administrative Office of the U.S. Courts (AOUSC), providing technical assistance and advice in investigations and oversight for the Judiciary.  Mr. Noble was the Senior IT Security Analyst in the IT Security Office, AOUSC where he managed security initiatives for the Judiciary.

Mr. Noble has been a board member of ISSA-NOVA chapter since 2004 and served in various offices, including his second term as President.  Mr. Noble received ISSA’s prestigious President’s Award for Public Service in 2007.  Mr. Noble has served on the (ISC)2 Government Advisory Board for CyberSecurity since 2003.

Mr. Noble received a B.A, from Virginia Commonwealth University. 

Statement of Goals:

I would bring to the International Board the perspective of a Chapter Board member who has served since 2004 in various offices including President.  I have continuously sought to better the information security profession by focusing on the needs of the ISSA membership and by bringing people and organizations together for the betterment of the information security profession.   Examples include outreach and support efforts to:

• (ISC)2
• ISACA – NCAC
• Other ISSA Chapters
• ASIS
• Veterans Programs
• CyberWatch Scholarships
• Local University Scholarships

I would focus on improved communications to the ISSA membership and synergistic organizations that serve the International membership and increase our visibility.  We have accomplished this through multiple initiatives at the regional level such as the education opportunities through chapter sponsored scholarships, Laurie McQuillan Scholarship, veteran’s initiative, and chapter mentor programs.  All of these efforts provide me with invaluable insight to the needs of our constituency and demonstrate my abilities enabling me to make valuable contribution to the continuing development of ISSA on an international level.

Dr. George J. Proeller has more than 25 years experience in information systems security engineering, architecture, and management and has been a member of ISSA for the past ten. He is a practitioner, mentor, leader, and advocate with a record of service and accomplishments at both the chapter and national levels. During his nine-year tenure as president of the Colorado Springs chapter he brought new life to a chapter that in 1999 had dwindled to a membership of nine such that in 2005 it named chapter of the year with a membership of nearly 400. He now serves as president emeritus and ISSA-COS is among ISSA’s largest and most active.  

George initiated three major annual conferences each of which is now celebrating its 10 year anniversary and each of which is still no cost to chapter members attending. The spring conference is coincident with El Paso County Computer Security week and the Fall with Colorado Springs Information Security Week each with declarations by the county and mayor and the summer with the Federal Information Security Conference.

In the academic arena George worked with multiple universities to establish information security as a part of the curricula as also establish scholarship programs. Nationally he chaired the ISSA scholarship program and is a frequent speaker on information security related topics as part of the IEEE Distinguished Lecturer Program.  

George was among the first to earn the Security+ certification and served as chair of the CompTIA Security Cornerstone Committee responsible for growing the program. Recognizing the need to assist chapter members in professional development he established a chapter level “train the trainer” program to provide low cost CISSP and other certification training to chapter members.

As a security evangelist George has been instrumental in the founding of chapters both within and external to US borders as well as founding security outreach and awareness programs that know no borders.

George’s awards include CompTIA Volunteer of the Year in 2004 for his work bringing Security+ Online. ISSA Honor Roll – 2005, Colorado Technical University Wall of Fame (2005) for his many contributions to the Security Program and community and ISSA Hall of Fame 2008.

Statement of Goals:

1. Develop and maximize opportunities for education and training for our chapters and membership.
2. Enhance communication, collaboration, and networking within ISSA focusing on learning from, and sharing with, each other. 
3. Continue to evangelize from the grass roots to the top level
4. Foster and develop creative ways to involve members
5. Continue to work outreach programs.
6. Be available to the members.
7. Support the elected officers.

Mr. Schultz is the Senior Director of the Cyber Security Practice of the Battelle Memorial Institute, the world’s largest non-profit research and development firm. Mr. Schultz is responsible for the strategic direction of all Battelle cyber security services and works in conjunction with the Battelle Group Managers to lead teams of cyber security professionals to design, implement and evaluate the security of large data networks and data sharing applications within the Intelligence Community, Department of Defense and Civilian sectors of the United States Federal government. Mr. Schultz serves as the Cyber Security Practice principle research and development (R&D) liaison with the national laboratories and academia and also provides technical security leadership for the practice. Recently, he was appointed by the Director of National Intelligence (DNI) Chief Information Officer’s (CIO) Office to lead the DNI CIO’s Risk Assessment and Risk Management Tiger Team for the Revitalization of Certification & Accreditation (C&A) which ultimately lead to replacement of DCID 6/3 with IDC 503.

Over Mr. Schultz’s 18 year career, he has led several information security consulting organizations: Director of Information Assurance Architecture at Nortel Government Solutions, Director of Information Assurance at PEC Solutions and was a Manager within the Arthur Andersen LLP Computer Risk Management Practice. Mr. Schultz is a publicly recognized information assurance speaker, author and information security industry leader. He holds a Masters of Business Administration (MBA) from George Washington University and a Bachelors of Business Administration from James Madison University. Mr. Schultz holds several information security professional certifications: Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Information Systems Security Architect Professional (ISSAP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and NSA-IAM. He is an active member of the National Eagle Scout Association and resides with his wife and four sons in the Washington, DC area.

Statement of Goals:

As a Director serving on the ISSA International Board of Directors for the last two years, I have committed my efforts to adding significant value and improved services to the individual member and the Chapter Officers by initiating or actively working to develop the following programs:

Strategic Plan – focused on delivering outstanding member services
Chapter Officer Training – provided insights to efficient chapter management
Career Development Webcast – led webcast on career development
ISSA Connect – served to define requirements and vendor selection for a social network for ISSA members – due to release this summer
Fellowship Program – to recognize outstanding career performance in the field of information security – due to release this summer

If re-elected as Director, I will continue to lead efforts to add value to the membership by driving to the following goals:

• Double the membership of ISSA in two years
• Triple revenues in two years
• Hold an annual “ISSA World Wide Information Security Conference” befitting of a leading industry membership organization

Top 10 Actions to Implement Goals:

• Organize an Annual Meeting of the local Chapter Presidents to develop a “Top 10” list of things they want ISSA International to do to serve them
• Implement a “Five Year Strategic Plan” to implement the feedback of the local chapters
• Implement an “Information Security Professionals Only” Social Networking Environment bound by ISSA’s code of ethics to make on-line professional networking a legitimate and meaningful way to interact with fellow information security professionals
• Implement a Collaboration Tool for the use of local chapter officers  (i.e. SharePoint) to allow chapter officers to organize and store critical documents, coordinate calendars and manage action items thereby allowing them to be more productive and provide more services to their members
• Provide Robust Web Hosting for each of the local chapter web sites to save the local chapters the expense of hosting their own
• Implement a comprehensive Sponsorship Program that provides revenues for ISSA and high value benefits for security vendors
• Become “The Voice of Child Internet Safety” guidance
• Develop Comprehensive Web-based Chapter Officer Training
• Reform ISSA International By-Laws to eliminate conflicting and confusing clauses

Why I want to serve as Director?
Throughout my professional career, I have been fascinated by the concept of security.  It is what allows civilized people to build governments, businesses and benevolent organizations.  Security serves as the foundation which allows extraordinary and ordinary people to dream of a better world.  Information security has taken center stage as a profession and without the work of many of our fellow ISSA members much of our modern systems of government, commerce and social networks would not be possible.

Each ISSA member I have met is passionate about the information security profession and is constantly striving to make it better.  I share your passion and want to ensure that ISSA continues to be “The Voice of Information Security”. With your support, I will leverage my business experience in running successful information security organizations to help ISSA International achieve new heights in serving you and all of the members of ISSA International.

Qualifications to be a Director, ISSA International Board of Directors:

• ISSA International Honor Roll, Awarded 2009 for sustained 18 years of service to the information security profession and service to ISSA
• Director, ISSA International Board of Directors (2007-2009 term)
• Board Member of (ISC)² Americas Advisory Board
• President, ISSA Northern Virginia Chapter, 2007
• President, ISSA Northern Virginia Chapter, 2006
• Led ISSA Northern Virginia Chapter to become ISSA International “Chapter of the Year”, 2007
• Led ISSA Northern Virginia Chapter to nearly double its membership, 2006
• Led ISSA Northern Virginia Chapter to become the largest chapter, 2006
• Led ISSA Northern Virginia Chapter to triple its revenues, 2007
• Chairperson, Audit Committee, ISSA Northern Virginia Chapter, 2005
• Elections Reform Committee, ISSA Northern Virginia Chapter, 2005
• Recognition and Awards Committee, ISSA Northern Virginia Chapter, 2005
• Active ISSA Member since 2000
• Senior Director, Cyber Security Practice, Battelle Memorial Institute, world’s largest non-profit research and development (R&D) firm.  Provides executive level information security advisory services to agency CIOs, CSOs, CISOs and other strategic policy makers with regards to security policy, emerging security related technologies and enterprise wide security implementation initiatives.

Roy Wilkinson has 25 years of Information Technology experience, focusing in Security and Infrastructure, as well as nearly 20 years of experience in physical security, notably serving as Senior Security Consultant for the 2004 Olympic Games in Athens, Greece. He is currently CSO for a technology consulting firm. Along with several industry certifications, Dr. Wilkinson has been awarded Diplomate status by the American Board for Certification in Homeland Security, and Fellow status by the American College of Forensic Examiners. He is a member of the Georgia Security Professionals Speakers Group, and an adjunct instructor for the GBI.

Roy is currently US Eastern representative on the ISSA Intl Chapter Presidents Advisory Council, and works on the ISSA/ASIS liaison committee. A two-term president of the Atlanta chapter, he now serves as mentor and resource for the chapter’s members and Board of Directors. He organized the first Atlanta ISSA InfoSec Conference, now in its fifth year, and a number of other ISSA security events. He also established partnerships between Atlanta ISSA and other security organizations. Under his leadership, the chapter became financially stable and membership increased. In 2009, Roy was inducted into the ISSA Hall of Fame, one of only 30 people ever to receive this honor.

Statement of Goals:

One goal would be for ISSA to be more cohesive, rather than a collection of small groups working independently to succeed. As a chapter president, I often felt like our chapter was left to sink or swim on its own. One of the reasons I got involved in the CPAC was the opportunity to build a bridge between the chapters and the association, enabling the chapters’ voices to be heard and providing a conduit in both directions. I believe a single, unified voice for Information Security will carry more weight externally, and I believe each chapter can be stronger when we can lean on, and share our successes with, each other.

Another primary objective would be to add to ISSA membership benefits. Today, we have some global benefits, and some individually by chapter. I would like to see us offer more benefits from the overall association. In addition to being something positive for current members, benefits could potentially help with recruitment. Having worked in other associations to build benefits into their membership programs, I believe this would be a strong plus for ISSA.

Ira Winkler, CISSP, is currently the president of the Internet Security Advisors Group.  He consults to some of the largest corporations in the world, providing primarily strategic consulting services, such as CISO trusted advisor services, high visibility security assessment services, and awareness training.  Ira also performs a number of speaking engagements.  He is author of several books, with his most recent being Spies Among Us and Zen and the Art of Information Security.

Ira began his career as an analyst at the National Security Agency.  He then became cross trained as a computer systems analyst, and performed in a wide variety of positions throughout NSA and worked with a variety of other government agencies in the US and around the world.  He then moved on to work for government contractors, and began to perform information security work for a wide variety of commercial clients.  At that time, Ira’s writings and presentations established him as a leader in the field.

Ira moved on to the National Computer Security Association as the Director of Technology and oversaw their industry leading Anti-Virus product certification program, and helped establish their Firewall certification program.  He also continued to perform a wide variety of consulting services.

Ira then went out on his own, and formed the Internet Security Advisors Group, which became a leading boutique security firm, primarily serving the Fortune 50.  The company was essentially acquired by Hewlett-Packard in 2001, and Ira served as Chief Security Strategist in HP Consulting.

Ira has also taught for several college programs, including the graduate and undergraduate programs of The Johns Hopkins University and the University of Maryland. 

Ira also volunteers to speak at ISSA meetings around the world.  His presentations attract record attendance at many of the events.  He also regularly contributes to ComputerWorld and other industry publications.  For these, among countless of his other contributions to the ISSA and the security field as a whole, Ira received the ISSA Hall of Fame award.

Statement of Goals:

As many people know, I chose not to run for reelection as an International Director during last year’s election.  As I tell people, I believed that the ISSA wasn’t properly serving the bulk of the members, given the disproportionate amount of time for the CISO Forum.  It is my opinion that for the ISSA to remain relevant to professionals, we have to serve the 99% of members who are professional members, in proper proportion to the 1% of CISO members.  In short, I believe that all board members are accountable for the board’s actions, and that I therefore didn’t deserve to be reelected, whether or not I received enough votes.

I have since been approached by many members of the ISSA International Board, and asked to run for the International Board again.  There is now apparently momentum for the issues I brought up.  While I do believe there is a place for the CISO Forum, we must keep that in proportion to how we serve the overall ISSA membership.

I can come up with lofty goals, as many candidates will, however the reality is that few lofty goals are actually achieved by candidates after they are elected.  Likewise, even with the best intentions, a wide variety of unpredictable circumstances prevent board members from achieving their goals.  Therefore, the only real goal I tout is:

• Exercise good judgment as I make decisions that affect ISSA members, while keeping in mind that our general membership comes first.

I can tell you that to support that goal, I intend to support the ISSA Connect effort.  I also intend to push for an ISSA conference.  I also plan to explore opening up the CISO Forum to become a Security Executive Forum.  Again though, these are subordinate goals to the main goal of just doing the right thing. 

Ernest E. (Ernie) Zernial Jr., CISSP-ISSMP, is currently an Associate with the Booz Allen Hamilton (BAH) Assurance and Resilience Division leading a team of 13 subject matter experts in engineering, logistics, finance, security, plans and acquisition to design, build, test, certify and install eight secure, certified and accredited networked system for a BAH client.  Ernie’s previous positions include Information Security Principal with Computer Sciences Corporation responsible for managing engineering efforts for one of the largest a public key infrastructure roll-outs, certifying and accrediting six sensitive systems, and serving as an information security architect for an internationally dispersed secure system.  Ernie was the Vice President and Chief Information Security Officer for a Fortune 100 insurance company responsible for all aspects of information systems security and disaster recovery for three data centers and over 40,000-networked users in the U. S. and 60 countries.  His last military assignment as an information technology staff officer was as the Information Protection Division Chief, Headquarters United States Air Force (USAF), the Pentagon; Washington D.C. Then Lieutenant Colonel Zernial was responsible for numerous policy and programmatic efforts culminating in the development of a multi-aspect information security program for the USAF. Ernie is a former military aviation technician with service in the U.S. Marine Corps (USMC). His professional activities and achievements include:

• Information Systems Security Association (ISSA)
• Alamo Chapter, founding member (2000) and president (2001-2003)
• Director of Awards, International Board of Directors (2003 – 2005)
• Vice President of Membership, International Board of Directors (2005 – 2007)
• Director, International ISSA Board of Directors (2007 – present)
• International Information Systems Security Certification Consortium, Lead Instructors CISSP CBK Review Seminars (2000 – 2004)
• University of Texas at San Antonio, Center for Infrastructure Assurance and Security, Executive Advisory

Board, voting member and Ex-officio Secretary, November 2001 - August 2004

• Certified Information Systems Manager (CISM), 2003 – 2008
• Certified Information Systems Security Professional (CISSP), July 1998, re-certified 2001, 2004, and 2007
• Numerous USMC and USAF military decorations for meritorious service
• Armed Forces Communications-Computer Association, Lifetime member and Bay County Chapter, President, 1993-1994
• Federal Aviation Agency Flight Certification, Single Engine, 1988

Ernie completed his Executive Master of Business Administration degree at the University of Texas at San Antonio in May 2005.  Ernie is married to the former Carol Sutton of Amarillo, TX; has three sons, Chris, Wes and Ben; and enjoys international travel, cycling, exercise, study of martial arts and reading.

Statement of Goals:

I am seeking to continue as a Director on the International Board of Directors Information Systems Security Association (ISSA).  I seek your vote so I may continue my service to you, the members of ISSA. My goals for the next two years include:

• Seeking opportunities that improve the educational opportunities of the individual ISSA member
• Developing and enhancing the individual ISSA member’s benefits
• Establishing chapter and regional recognition programs for information security professionals and organizations who provide outstanding contributions to the profession, their chapter and our association
• Working with the chapters and with those individuals seeking to start new chapter in developing membership growth, retention programs and soliciting new members 
• Building an ISSA International organization structure that will serve the future growth of ISSA 
• Supporting regional opportunities for conferences
• Being the chief advocate for the Collegiate Cyber Defense Challenge that provides academic institutions with an information assurance or computer security curriculum
• Creating competitive environments that assess college student's depth of understanding and operational competency in managing the challenges inherent in protecting a corporate network infrastructure and business information systems

I wish to continue using the skills, knowledge, education and professional experiences I have acquired to solve ISSA’s key organizational challenges while working with other Board members, chapter presidents, and individual ISSA members.  I believe that membership in ISSA enhances professional opportunities.  ISSA creates a world-wide network of individual security practitioners who are solving the collective challenges of our technologically tied personal and professional lives.  ISSA has the potential to make us successful in our individual efforts.  Please be an active ISSA member and participate in chapter activities.  It’s your career.