In this Issue

1. Join in Discussion of Information Security Legislative Trends Now on ISSA Connect
2. Nominations for International Board of Directors
3. Does Privacy Exist in the Age of Social Networking?
4. Top 10 Security Threats in 2010
5. Attending RSA? Visit the ISSA Booth
6. Congratulations to the Membership Survey Prize Winners
7. 2010 ISSA Web Conference Series
8. ISSA Events
9. Industry Events

Sponsors

View the Business Benefits of Secure Remote Access Web Event with featured analyst, John Girard Vice President, Gartner’s Information Security and Privacy Research Center

Download a copy of our white paper to learn how a unified approach to information protection is the most effective means of protecting sensitive data while increasing collaboration.  

 

Join in Discussion of Information Security Legislative Trends Now on ISSA Connect

If you missed this week’s ISSA Web Conference, simply register and begin viewing on-demand. Click here to register now.

Click here to download the presentation slides

Click here to continue in conversation about this topic on ISSA Connect

Web Conference Overview: Have you got or planning a roadmap for information security efforts over the coming months or years? Have you taken into account the potential impact of existing, newly enacted, or soon to be implemented legislation? Legal and regulatory areas have considerably impacted the InfoSec environment over the last 10-20 years. It is a challenging area for professionals to navigate the potential mines set by differing national and international authorities and deal with the way interpretation evolves. Increasingly the consequences of non-compliance are becoming more concrete and substantial and in order not to get caught you need to keep abreast of what is happening and in the pipeline and the implications for business and individuals. This conference looks to pull together a truly global view in an easy to digest format. Conference presenters include:

Robert Carolina – Partner, Origin; Senior Visiting Fellow, InfoSec Group - Royal Holloway University of London

Joe Tasker – Independent Consultant; formerly Sr. VP and General Counsel, Information Technology Association of America

Sean Glynn – Vice President Marketing, CREDANT Technologies

Dr. Simone Fischer-Hübner – Professor, Department of Computer Science, Karlstad University

Web Conference Sponsored by:

Nominations for Your International Board of Directors

Send to the Election Chair by March 15

Elections for the ISSA International Board of Directors are approaching. This year members will elect the International President and five (5) directors.

International Board terms are for two years. Members are expected to attend three to four face-to-face meetings annually and participate in conference calls in months when no face-to-face meeting is held. All Board members are expected to support their elected positions with such time and effort as is required to enable the association to continually improve its services, its position within the industry, and its effectiveness.

Candidates for President must be experienced members of the International Board. Anyone interested in being nominated as a Director can learn about the International Board of Directors' responsibilities in Article VI of the ISSA By-Laws. For more information on the election and nomination process, click here.

Does Privacy Exist in the Age of Social Networking?

The February issue of the ISSA Journal is one of two print editions that will be mailed to you this year. If it hasn’t already arrived in your mailbox, it should arrive soon! Click on the cover image for the online magazine, here for individual articles, or join the discussion in ISSA Connect.

Featured articles include:

Does Privacy Exist in the Age of Social Networking?

Will End-to-End Encryption Save Us All?

How Virtualization Affects PCI DSS: A Review of the Top Five Issues

Risk Management in the Web 2.0 Environment

ISSA Journal and the Kindle DX: The ISSA Journal displays quite nicely on the Kindle DX. To download the Journal to your Kindle DX, simply download the PDF from either the ISSA website or from the online BlueToad version (choose PDF from top menu bar). Once you've downloaded the file, hook up the Kindle DX's USB cable and transfer it to the document directory.

Top 10 Security Threats in 2010

Click here to register and begin viewing this on-demand webinar

Webcast Description: As 2010 begins we want to take a look at some of the Top Security Threats organization are facing. Join us in a lively discussion as we debate the Top 10 Security Predictions for 2010.

Webcast Sponsored by:

Attending RSA? Visit the ISSA Booth

Are you planning on attending RSA in San Francisco, California, March 1 – 5, 2010?

Visit our booth, #230, and enter a drawing to win a free year's membership inclusive of chapter dues (can be used to extend your existing membership). There will also be a separate drawing for vendors for a chance to win a full page 4-color ad in the ISSA Journal.

Invite your friends and business associates who are not ISSA members to visit the ISSA booth and join during the conference. If they join ISSA during the conference, we will send you a special gift as a token of appreciation.

Booth shifts are still available on Tuesday and Thursday; please contact Dana Paulino or by calling (866) 349-5818, extension 103 to volunteer.

Congratulations to the Membership Survey Prize Winners!

Thank you to everyone who took part in the ISSA Membership Survey. Through the information collected, ISSA hopes to better serve the professional community and support members worldwide. We would like to recognize Michael Kinney and Melissa McCoy for participating in the survey; who were randomly selected to receive the $100 VISA gift cards. Congratulations.

2010 ISSA Web Conferences

Cyber Crime: Redefining the Criminal World

Available now for on-demand viewing
Sponsored by:

Information Security Legislative Trends

Available now for on-demand viewing
Sponsored by:

Data Privacy: Complying with Current Laws

Live Event: March 16, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London
Sponsored by:

Securing Mobile Devices

Live Event: April 20, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London
Sponsored by:

Application Security: Selling Application Security to Upper Management

Live Event: May 11, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Cloud Computing: Relationships with Third Party “Trusted” Security Providers

Live Event: June 15, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Biometrics: State of the Union

Live Event: August 31, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Interested in sponsoring an ISSA Web Conference educational programs? Click here for details.

ISSA Events

Border Security 2010

Poland Chapter

• March 3 - 4, 2010
• Crowne Plaza St Peters, Rome

Discount to ISSA Members: £100
For event details and registration CLICK HERE

InnoTech – The Business & Technology Innovation Conference & Expo

Alamo Chapter (San Antonio, Texas)

• March 4, 2010
• 8:00 – 4:30 CST
• Norris Conference Center

Cost: $25.00
For event details and registration click here

CISSP Exam Review

Raleigh, NC Chapter

• March 13, 20, 27 and April 10, 2010
• 8:00 am – 2:00 pm
• The McKimmon Center, NC State University
• Raleigh NC

Cost: For all four sessions: $100 ISSA Members; $200 for Non-Members
Required student resources: Study Book - CISSP Certification All-in-One Exam Guide (4th Edition)
Free Quiz: http://www.freepracticetests.org/quiz/home.php
Forum for answers to your questions and more: http://cccure.org/
For event details and registration click here
For more information, please contact: educationdirector@raleigh.issa.org

March 2010 meeting

Northern New Mexico Chapter

• March 24, 2010
• 11:30 a.m. – 1:00 p.m.
• Century Bank Operations Center at 2108 Warner Ave.
• Santa Fe, NM, USA

Cost: $5.00 for lunch (deli sandwich buffet)
Click here to request information about the event and to register

ISC2 Exam Date

Raleigh, NC Chapter

• April 24, 2010
• 8:00 a.m. – 4:00 p.m.
• The McKimmon Center, NC State University
• Raleigh, NC, USA

Cost: You may register for the examination on the ISC(2) Web site.
There is a $599 examination fee. For event details and registration CLICK HERE

2010 Rocky Mountain Information Security Conference

Denver Chapter

• May 5, 2010
• 7:00am – 5:30pm
• Marriott Denver Tech Center
• 4900 South Syracuse St, 80237
• Denver, CO, USA

Discount to ISSA Members: 20%
Discount code: “partner”
For details and registration click here

2010 ISSA International Conference

Connect & Collaborate

• September 15 – 17, 2010
• Atlanta, Georgia - USA

Mark your calendar to connect and collaborate at the 2010 ISSA International Conference

For event details CLICK HERE

Sixth Annual Triangle InfoSeCon

Raleigh, NC Chapter

• October 21, 2010
• 8:00 a.m. - 4:30 p.m.
• The McKimmon Center, NC State University
• Raleigh, NC, USA

From now until October 9th: ISSA Members at $30; Sister Org. Members (ISACA, InfraGuard, OWASP) at $40; Government at $40; Other attendees - $65
After Early Bird Close - October 10th - 20th: Registration for ALL is $85 for any online registrations or for on-site registration (cash or check only)
For event details and registration CLICK HERE
Interestd in Sponsorship - Conference Sponsorships; Chapter/Conference Sponsor

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

San Francisco, CA	February 28 - March 1, 2010
Washington, DC Area	May 20 - 21, 2010
Atlanta, GA	September 16 - 17, 2010
Phoenix, AZ	November 4 - 5, 2010

For details on the CISO Forum please visit CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Complete membership criteria is available at: http://ciso.issa.org/Membership/Membership-Criteria.html

Industry Events

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
Complimentary Expo Pass Code: CLICK HERE to request
For event details and registration CLICK HERE

SecureWorld Expo

March 23 - 24, 2010

• Boston SecureWorld Expo
• Hynes Convention Center
• Boston, MA, USA

April 27 - 28, 2010

• Atlanta SecureWorld Expo
• Cobb Galleria Centre
• Atlanta, GA, USA

May 12 - 13, 2010

• Philadelphia SecureWorld Expo
• Valley Forge Convention Center
• King of Prussia, PA, USA

September 22 - 23, 2010

• Bay Area SecureWorld Expo
• Santa Clara Convention Center
• Santa Clara, CA, USA

October 6 - 7, 2010

• Detroit SecureWorld Expo
• Ford Conference and Event Center
• Dearborn, MI, USA

October 27 - 28, 2010

• Seattle SecureWorld Expo
• Meydenbauer Convention Center
• Bellevue, WA, USA

November 3 - 4, 2010

• Dallas SecureWorld Expo
• Plano Convention Centre
• Plano, TX, USA

December 7 - 8, 2010

• Phoenix SecureWorld Expo
• Phoenix Convention Center
• Phoenix, AZ, USA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS10.

SecureWorld+ Extended Training 2010 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS10.

For event details and registration go to: http://www.secureworldexpo.com/

InfoSec World 2010

Central Florida Chapter

• April 19 - 21, 2010
• Disney's Coronado Springs Resort
• Orlando, FL, USA

Cost: Regular Main Conference Fee - $1795
Discount to ISSA Members: 10% off
Discount Code: OS10/ISSA
For event details CLICK HERE
For event registration CLICK HERE

CYBER DEFENCE

ISSA Poland and ISSA UK Chapters

• May 17 – 18, 2010
• Swissôtel, Tallinn, Estonia

Cost: Military/Government = £1099 and Commercial = £1499
Discount to ISSA Members = £150
Discount Code: W23 ISSA
For event details and registration CLICK HERE

14th Annual Colloquium for Information Systems Security Education

• June 7 - 9, 2010
• Marriott Baltimore Camden Yards
• Baltimore, Maryland, USA

Cost: Early Bird: $375, After March 31st - $450, After April 30th - $475
Discount to ISSA Members: $375 until May 15th, after May 15th - $425
Discount Code: ISSA-2010 (to be used on the Colloquium Registration form)
For event details and registration CLICK HERE

CLICK HERE for more upcoming Industry Events

In this Issue

1. Bill Danigelis Appointed International Vice President
2. Nominations Open for International Board of Directors
3. Deadline for Fellow Nominations: February 15
4. Information Security Legislative Trends: ISSA Web Conference, February 16
5. Get a 2-Week Head Start on Your February Journal: Read it Now
6. Security Architecture: Submit Your Article Now for the March Journal d
7. Attending RSA? Volunteer for the ISSA Booth
8. Give Your Opinion: Microsoft Perception Survey
9. 2010 ISSA Web Conference Series
10. ISSA Events
11. Industry Events

Sponsors

View the Business Benefits of Secure Remote Access Web Event with featured analyst, John Girard Vice President, Gartner’s Information Security and Privacy Research Center

Download a copy of our white paper to learn how a unified approach to information protection is the most effective means of protecting sensitive data while increasing collaboration.  

 

Bill Danigelis Appointed International Vice President

Bill Danigelis, Silicon Valley Chapter, has been appointed by International President Kevin Richards as the Vice President of the Board of Directors. An ISSA member for 13 years, Danigelis currently represents the US Western Region on the Chapter Presidents Advisory Council (CPAC). He has served on his Chapter Board of Directors for 9 years including three years as President and was a director on the International Board from 2007-2009.

Call for Nominations for Your International Board of Directors

Send to the Election Chair by March 15

Elections for the ISSA International Board of Directors are approaching. This year members will elect the International President and five (5) directors.

International Board terms are for two years. Members are expected to attend three to four face-to-face meetings annually and participate in conference calls in months when no face-to-face meeting is held. All Board members are expected to support their elected positions with such time and effort as is required to enable the association to continually improve its services, its position within the industry, and its effectiveness.

Candidates for President must be experienced members of the International Board. Anyone interested in being nominated as a Director can learn about the International Board of Directors' responsibilities in Article VI of the ISSA By-Laws. For more information on the election and nomination process, click here.

Deadline for Fellow Nominations: February 15

Nominations will be accepted for the ISSA Fellow Program until midnight US Pacific time on February 15. For details on the qualifications and nomination process, click here.

The ISSA Fellow Program recognizes remarkable accomplishments in the field of information security and leadership as well as future service to the association and profession. Members may be awarded Fellow status in three categories: Senior Member, Fellow or Distinguished Fellow. Candidates may be nominated by an existing Fellow of comparable rank, Chapter Presidents Advisory Council (CPAC) representative, International Board member or, in the case of Senior Member, a Chapter President.

Information Security Legislative Trends: ISSA Web Conference

February 16, 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Dr. Simone Fischer-Hübner, Karlsbad University; Robert Carolina, Royal Holloway University of London and Joe Tasker, Information Technology Association of America, will discuss legal and regulatory issues that have affected the infosec environment over the past two decades. Increasingly the consequences of non-compliance are becoming more concrete and substantial and in order not to get caught out you need to keep abreast of current and pending laws and the implications for business and individuals. This conference pulls together a truly global view in an easy to digest format. CLICK HERE to register for this ISSA Web Conference

The ISSA Journal - February 2010

Not a member? Read this month’s feature article - Dysfunction Junction: Do Standards Function? - at no cost or Join Now and gain full access to the ISSA Journal.

ISSA Journal and the Kindle DX: The ISSA Journal displays quite nicely on the Kindle DX. To download the Journal to your Kindle DX, simply download the PDF from either the ISSA website or from the online BlueToad version (choose PDF from top menu bar). Once you've downloaded the file, hook up the Kindle DX's USB cable and transfer it to the document directory.

Security Architecture: Submit Your Article Now for the March Journal

Designing and deploying a comprehensive security solution involves more that understanding information security policy, firewall rules, access control lists, and hardening operating systems, to name but a few. Developing a holistic security solution typically involves the elaboration of a security architecture that functions as a framework for engineering and implementing various security controls. This is often a risk analysis-based process that considers the business and technical requirements that an organization must address, in conjunction with evaluating threats, risks, and vulnerabilities that may exist. Often formalized methods are used to develop security architecture. The ISO 27001 and ISO 27002 standards, for example, provide guidance on how to create an Information Security Management System using different security control objectives; NIST 800-53 takes a similar approach.

The ISSA Journal Editorial Advisory Board would like to hear from you regarding your experience with security architecture. What approach is the most successful in your environment? What methodology do you use?

Do you use a risk-based approach or something else? How do you measure the success of your security architecture? What works? What doesn't?

Please submit articles by February 12 to the Journal Editor . Editorial guidelines are available in the Journal section of ISSA.org.

RSA Conference 2010

Have you registered for RSA in San Francisco, California, March 1 – 5, 2010? Would you be willing to volunteer 3 hours to share your enthusiasm for ISSA with colleagues who are not yet members? You will also have the opportunity to greet and get to know fellow members from all over the world.

If you can help out by working a shift in the ISSA Booth, please contact Dana Paulino or by calling (866) 349-5818, extension 103 to sign up.

Give Your Opinion: Microsoft Perception Survey

Sponsored By: Microsoft

Survey Overview:
As a part of Microsoft’s partnership with ISSA, we would like to gain feedback on specific security related activities that will help shape sales, marketing and outreach activities for the coming year. Microsoft’s Trustworthy Computing group has a long history of gaining ISSA members’ feedback starting with the Job Readiness survey launched in 2007.

Microsoft continues to partner with ISSA to better understand the security professionals thoughts on our efforts towards a safer more trusted internet experience. Your feedback will help shape Microsoft’s efforts today and moving forward.

At the end of the survey, one lucky winner will win an XBOX 360 Elite we will give away through a random drawing.

Survey: http://www.keysurvey.com/survey/291143/11a2/

2010 ISSA Web Conferences

Cyber Crime: Redefining the Criminal World

Available now for on-demand viewing
Sponsored by:

Information Security Legislative Trends

Live Event: February 16, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Data Privacy: Complying with Current Laws

Live Event: March 16, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London
Sponsored by:

Securing Mobile Devices

Live Event: April 20, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London
Sponsored by:

Application Security: Selling Application Security to Upper Management

Live Event: May 11, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Cloud Computing: Relationships with Third Party “Trusted” Security Providers

Live Event: June 15, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Biometrics: State of the Union

Live Event: August 31, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Interested in sponsoring an ISSA Web Conference educational programs? Click here for details.

 

ISSA Events

Border Security 2010

Poland Chapter

• March 3 - 4, 2010
• Crowne Plaza St Peters, Rome

Discount to ISSA Members: £100
For event details and registration CLICK HERE

2010 ISSA International Conference

Connect & Collaborate

• September 15 – 17, 2010
• Atlanta, Georgia - USA

Mark your calendar to connect and collaborate at the 2010 ISSA International Conference

For event details CLICK HERE

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

San Francisco, CA	February 28 - March 1, 2010
Washington, DC Area	May 20 - 21, 2010
Atlanta, GA	September 16 - 17, 2010
Phoenix, AZ	November 4 - 5, 2010

For details on the CISO Forum please visit CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Complete membership criteria is available at: http://ciso.issa.org/Membership/Membership-Criteria.html

CLICK HERE for more upcoming ISSA Events

 

Industry Events

American Conference Institute's 9th National Symposium on Privacy & Security of Consumer & Employee Information

• January 27 – 28, 2010
• Washington, D.C., USA

Discount to ISSA Members: $200 discount
Discount Code: "ISSA"
Event details and registration CLICK HERE

SecureWorld Expo

February 10 - 11, 2010

• Houston SecureWorld Expo
• Reliant Center
• Houston, TX, USA

March 23 - 24, 2010

• Boston SecureWorld Expo
• Hynes Convention Center
• Boston, MA, USA

April 27 - 28, 2010

• Atlanta SecureWorld Expo
• Cobb Galleria Centre
• Atlanta, GA, USA

May 12 - 13, 2010

• Philadelphia SecureWorld Expo
• Valley Forge Convention Center
• King of Prussia, PA, USA

September 22 - 23, 2010

• Bay Area SecureWorld Expo
• Santa Clara Convention Center
• Santa Clara, CA, USA

October 6 - 7, 2010

• Detroit SecureWorld Expo
• Ford Conference and Event Center
• Dearborn, MI, USA

October 27 - 28, 2010

• Seattle SecureWorld Expo
• Meydenbauer Convention Center
• Bellevue, WA, USA

November 3 - 4, 2010

• Dallas SecureWorld Expo
• Plano Convention Centre
• Plano, TX, USA

December 7 - 8, 2010

• Phoenix SecureWorld Expo
• Phoenix Convention Center
• Phoenix, AZ, USA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS10.

SecureWorld+ Extended Training 2010 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS10.

For event details and registration go to: http://www.secureworldexpo.com/

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
Complimentary Expo Pass Code: CLICK HERE to request
For event details and registration CLICK HERE

InfoSec World 2010

Central Florida Chapter

• April 19 - 21, 2010
• Disney's Coronado Springs Resort
• Orlando, FL, USA

Cost: Regular Main Conference Fee - $1795
Discount to ISSA Members: 10% off
Discount Code: OS10/ISSA
For event details CLICK HERE
For event registration CLICK HERE

CYBER DEFENCE

ISSA Poland and ISSA UK Chapters

• May 17 – 18, 2010
• Swissôtel, Tallinn, Estonia

Cost: Military/Government = £1099 and Commercial = £1499
Discount to ISSA Members = £150
Discount Code: W23 ISSA
For event details and registration CLICK HERE

14th Annual Colloquium for Information Systems Security Education

• June 7 - 9, 2010
• Marriott Baltimore Camden Yards
• Baltimore, Maryland, USA

Cost: Early Bird: $375, After March 31st - $450, After April 30th - $475
Discount to ISSA Members: $375 until May 15th, after May 15th - $425
Discount Code: ISSA-2010 (to be used on the Colloquium Registration form)
For event details and registration CLICK HERE

CLICK HERE for more upcoming Industry Events

In this Issue

1. Give Your Feedback to Your New ISSA International President
2. Kevin Richards Succeeds Howard A. Schmidt as ISSA International President
3. Vote Now for the Most Over-Hyped Story of 2009
4. Cyber Crime: Redefining the Criminal World – ISSA Web Conference, January 26
5. Industry Survey: January 2010 Microsoft Perception Survey
6. Information Security Breach Disclosure: The ISSA Journal
7. Connect Welcomes 1,500th Member
8. Nominations Open for Fellow Program
9. 2010 ISSA Web Conference Series
10. ISSA Events
11. Industry Events

Sponsors

Replacing Cisco CS-MARS. Upgrade to SIEM 2.0 at your CS-MARS maintenance cost. Rapid, integrated and automated results from the MARS originators.

The ISSA Journal

Volume 8 Issue 1 

Featured articles include:

Information Security Breach Disclosure: When, How Much, and To Whom

Will End-to-End Encryption Save Us All?

How Virtualization Affects PCI DSS: A Review of the Top Five Issues

Defining Tokenization and the Security It Provides

The Human Firewall Convergence, Paradigm Shifts, and Reaching the Village

Blue Toad - Online Version  |  Members click here to download the full version PDF

Give Your Feedback to Your New ISSA International President

ISSA Members,

Thank you for the wonderful wave of well wishes as I step into the role of ISSA International President! As a global community, our presence in the information security profession is best harnessed by capturing your thoughts and ideas on how to better our association, how to better our profession, and how to prepare all of our members - past, present and future - to the changes that await us all as we progress through our careers. I look forward to hearing your ideas. Please take the time to share.

Warmest regards,

Kevin Richards

Kevin Richards Succeeds Howard A. Schmidt as ISSA International President

Portland, OR, January 18, 2010 – The Information Systems Security Association (ISSA) announced today that Kevin Richards has been appointed as the President of its International Board of Directors following the resignation of Howard A. Schmidt. Schmidt has been selected by United States President Barack Obama to serve as the cybersecurity coordinator for the White House.

Richards has served on the ISSA International Board since 2003, initially in a global chapter relations capacity and then as the international vice president since 2007. A past president of the Chicago ISSA Chapter, Richards is an information security and risk management advisor for Crowe Horwath with more than 18 years of experience in information security, business continuity and information risk management. His expertise ranges from risk analysis and program design to information security and business continuity program development and leading practices.

“Kevin is the best person I can think of to take over the role of President as his passion, investment of time and belief in ISSA in unparalleled, and he has led with integrity and the highest ethical standards,” said Mr. Schmidt. “I wish him continued success in all he does.”

“It is a privilege to have this opportunity to serve ISSA’s 10,000 members and 141 chapters,” acknowledges Richards. “In addition to serving in the White House, ISSA members lead security programs for the largest corporations in the world – in technology, health care, manufacturing, pharmaceuticals, aerospace, utilities, education and e-commerce. ISSA members are developing cutting-edge, new security technologies – as well as being foundational in the development of the tools we use every day. I am excited to have this leadership role and look forward to collaborating with the ISSA members around the world.”

The ISSA, http://www.issa.org/, is the largest international professional association for information security professionals with a trusted global community that shares, networks, and collaborates to solve the ever-changing cybersecurity threats that impact us daily. Members are consistently recognized as experts on critical issues in the field and provide leadership and important resources for small businesses, global enterprises, and government organizations.

Vote Now for the Most Over-Hyped Story of 2009

There’s still time to vote for the Most Over-hyped Security Story of the year. Login to ISSA Connect.

Let’s remind the world that there is risk and then there (may be) hype. But skip the headlines and get to the meat of the content. Are the nominees overhyped or not? Why or why not? How can one event (Heartland) be on the Most Significant and Most Overhyped list? Help us provide the clarity our members, and the rest of the world, are looking for by diving deeper into the issues.

The final category of our 2009 Retrospective Series has been unveiled. Make your nomination for 2009’s Most Significant Security Achievement. It might be the release of a new technology, the thwarting of a major breach, the prosecution of a bad guy (hint, hint), the launching of an industry initiative, or anything else that you believe will have a significant impact on our ability to secure the Internet as we move forward.

Cyber Crime: Redefining the Criminal World

ISSA Web Conference

Date: January 26, 2010
Start Time: 9:00 a.m. US Pacific/ Noon US Eastern/ 5:00 p.m. London

Click here to register for this upcoming ISSA Web Conference

Web Conference Overview: While crime still occurs in what we think of as a traditional fashion, the advent of high speed public networks and portability of corporate secrets has enabled it to evolve. That is we find ourselves dealing with an entirely new class of crime. This crime is very effective given the speeds of networks and or their access to key assets. What makes it worse is that the crime may be perpetrated by entities not even in the legal jurisdiction of where the crime takes place. Understanding how some of these crimes occurred and what could have been done to prevent them is crucial for our profession.

Sponsored by:

CLICK HERE to register for this ISSA Web Conference

Industry Survey: January 2010 Microsoft Perception Survey

Sponsored By: Microsoft

Survey Overview:
As a part of Microsoft’s partnership with ISSA, we would like to gain feedback on specific security related activities that will help shape sales, marketing and outreach activities for the coming year. Microsoft’s Trustworthy Computing group has a long history of gaining ISSA members’ feedback starting with the Job Readiness survey launched in 2007.

Microsoft continues to partner with ISSA to better understand the security professionals thoughts on our efforts towards a safer more trusted internet experience. Your feedback will help shape Microsoft’s efforts today and moving forward.

At the end of the survey, one lucky winner will win an XBOX 360 Elite we will give away through a random drawing.

Survey: http://www.keysurvey.com/survey/291143/11a2/

Information Security Breach Disclosure: The ISSA Journal

Volume 8 Issue 1 

Featured articles include:

Information Security Breach Disclosure: When, How Much, and To Whom

Will End-to-End Encryption Save Us All?

How Virtualization Affects PCI DSS: A Review of the Top Five Issues

Defining Tokenization and the Security It Provides

The Human Firewall Convergence, Paradigm Shifts, and Reaching the Village

Blue Toad - Online Version  |  Members click here to download the full version PDF

ISSA Journal and the Kindle DX:

The ISSA Journal displays quite nicely on the Kindle DX. To download the Journal to your Kindle DX, simply download the PDF from either the ISSA website or from the online BlueToad version (choose PDF from top menu bar). Once you've downloaded the file, hook up the Kindle DX's USB cable and transfer it to the document directory.

Connect Welcomes 1,500th Member

Congratulations to new member Don Baham of Silicon Valley who was the 1,500th member to join the ISSA Connect professional network. In recognition of this milestone, the Connect Council will be sending him an ISSA golf shirt.

Don was referred by a colleague and is looking to pursue his CISSP. Please log in to Connect and get acquainted with Don.

If you haven’t yet explored Connect, click here to get started. As with any new software with such a broad feature set, getting the hang of how to use the Jive software can be a challenge. This session provides an informal overview of ways to get around Connect – see who is Connected, start a discussion, post a comment in the online Journal, and more.

Nominations Open for ISSA Fellow Program

All nominations must be received by midnight US Pacific time on February 15

The ISSA Fellow Program recognizes remarkable accomplishments in the field of information security and leadership as well as future service to the association and profession. Members may be awarded Fellow status in three categories: Senior Member, Fellow or Distinguished Fellow. Candidates may be nominated by an existing Fellow of comparable rank, Chapter Presidents Advisory Council (CPAC) representative, International Board member or, in the case of Senior Member, a Chapter President.

Nominations will be accepted for the ISSA Fellow Program until midnight US Pacific time on February 15, 2010. For details on the qualifications and nomination process, click here.

2010 ISSA Web Conferences

Cyber Crime: Redefining the Criminal World

Live Event: January 26, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London
Sponsored by:

Information Security Legislative Trends

Live Event: February 16, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Data Privacy: Complying with Current Laws

Live Event: March 16, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London
Sponsored by:

Securing Mobile Devices

Live Event: April 20, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London
Sponsored by:

Application Security: Selling Application Security to Upper Management

Live Event: May 11, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Cloud Computing: Relationships with Third Party “Trusted” Security Providers

Live Event: June 15, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Biometrics: State of the Union

Live Event: August 31, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Interested in sponsoring an ISSA Web Conference educational programs? Click here for details.

 

ISSA Events

Border Security 2010

Poland Chapter

• March 3 - 4, 2010
• Crowne Plaza St Peters, Rome

Discount to ISSA Members: £100
For event details and registration CLICK HERE

2010 ISSA International Conference

Connect & Collaborate

• September 15 – 17, 2010
• Atlanta, Georgia - USA

Mark your calendar to connect and collaborate at the 2010 ISSA International Conference

For event details CLICK HERE

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

San Francisco, CA	February 28 - March 1, 2010
Washington, DC Area	May 20 - 21, 2010
Atlanta, GA	September 16 - 17, 2010
Phoenix, AZ	November 4 - 5, 2010

For details on the CISO Forum please visit CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Complete membership criteria is available at: http://ciso.issa.org/Membership/Membership-Criteria.html

CLICK HERE for more upcoming ISSA Events

 

Industry Events

American Conference Institute's 9th National Symposium on Privacy & Security of Consumer & Employee Information

• January 27 – 28, 2010
• Washington, D.C., USA

Discount to ISSA Members: $200 discount
Discount Code: "ISSA"
Event details and registration CLICK HERE

SecureWorld Expo

February 10 - 11, 2010

• Houston SecureWorld Expo
• Reliant Center
• Houston, TX, USA

March 23 - 24, 2010

• Boston SecureWorld Expo
• Hynes Convention Center
• Boston, MA, USA

April 27 - 28, 2010

• Atlanta SecureWorld Expo
• Cobb Galleria Centre
• Atlanta, GA, USA

May 12 - 13, 2010

• Philadelphia SecureWorld Expo
• Valley Forge Convention Center
• King of Prussia, PA, USA

September 22 - 23, 2010

• Bay Area SecureWorld Expo
• Santa Clara Convention Center
• Santa Clara, CA, USA

October 6 - 7, 2010

• Detroit SecureWorld Expo
• Ford Conference and Event Center
• Dearborn, MI, USA

October 27 - 28, 2010

• Seattle SecureWorld Expo
• Meydenbauer Convention Center
• Bellevue, WA, USA

November 3 - 4, 2010

• Dallas SecureWorld Expo
• Plano Convention Centre
• Plano, TX, USA

December 7 - 8, 2010

• Phoenix SecureWorld Expo
• Phoenix Convention Center
• Phoenix, AZ, USA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS10.

SecureWorld+ Extended Training 2010 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS10.

For event details and registration go to: http://www.secureworldexpo.com/

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
Complimentary Expo Pass Code: CLICK HERE to request
For event details and registration CLICK HERE

InfoSec World 2010

Central Florida Chapter

• April 19 - 21, 2010
• Disney's Coronado Springs Resort
• Orlando, FL, USA

Cost: Regular Main Conference Fee - $1795
Discount to ISSA Members: 10% off
Discount Code: OS10/ISSA
For event details CLICK HERE
For event registration CLICK HERE

CYBER DEFENCE

ISSA Poland and ISSA UK Chapters

• May 17 – 18, 2010
• Swissôtel, Tallinn, Estonia

Cost: Military/Government = £1099 and Commercial = £1499
Discount to ISSA Members = £150
Discount Code: W23 ISSA
For event details and registration CLICK HERE

14th Annual Colloquium for Information Systems Security Education

• June 7 - 9, 2010
• Marriott Baltimore Camden Yards
• Baltimore, Maryland, USA

Cost: Early Bird: $375, After March 31st - $450, After April 30th - $475
Discount to ISSA Members: $375 until May 15th, after May 15th - $425
Discount Code: ISSA-2010 (to be used on the Colloquium Registration form)
For event details and registration CLICK HERE

CLICK HERE for more upcoming Industry Events

In this Issue

1. Obama Appoints Howard A. Schmidt Cybersecurity Coordinator
2. Exclusive Delivery: Your January 2010 ISSA Journal
3. Nominations Open for Fellow Program
4. Submit the Most Over-Hyped Story of 2009 and Win
5. 2010 ISSA Web Conference Series
6. ISSA Events
7. Industry Events

Obama Appoints Howard A. Schmidt - Cybersecurity Coordinator

Dear ISSA Members,

It is with great excitement that I pass along some wonderful news. On December 22, 2009, our ISSA International President, Howard A. Schmidt, was officially appointed by United States President Obama to serve as the White House’s Cybersecurity Coordinator. You can see the official announcement here. In this role, Howard will have the opportunity to craft and coordinate a cybersecurity strategy for the United States government. This is the second time a United States President has called on Howard, the first was in 2003 when he served President Bush as the vice chair of the President’s Critical Infrastructure Protection Board. Howard will be able to leverage his many years of information security experiences, as well as a global network of ISSA colleagues, to achieve his White House goals and objectives.

As we get ready to embark on the year 2010, it is a wonderful opportunity to reflect on the impact ISSA members have made on our industry and profession over the last 25 years. In addition to serving in the White House, ISSA members lead security programs for the largest corporations in the world – in technology, health care, manufacturing, pharmaceuticals, aerospace, utilities, education and e-commerce; ISSA members are developing cutting-edge, new security technologies – as well as being foundational in the development of the tools we use every day; ISSA members have created the standards and certifications that have become mandatory to serve as an information security professional; most importantly, though, ISSA members form a global community that shares, networks, and collaborates on ways to face the new cybersecurity threats that impact us daily. Howard’s appointment to the White House is a shining example of the importance and criticality of our role and our profession. As the announcement stated, “Cybersecurity matters to all of us. Protecting the internet is critical to our national security, public safety and our personal privacy and civil liberties.”

Please join me in congratulating my friend and colleague in his new role. Great job Howard!

To all ISSA members, thank you for making the ISSA the pre-eminent, trusted, global information security community.

Warmest regards,
Kevin Richards
Vice President, ISSA International

 

Exclusive Delivery: Your January 2010 ISSA Journal

Information Security Breach Disclosure: When, How Much, and To Whom

By M. Scott Koger

This article discusses suggested best practices for planning the timing, amount, and appropriate target audience of post-incident disclosure in light of legal, regulatory, and ethical obligations faced by information security professionals in medium to large organizations.

Click here to login to ISSA Connect and continue reading this or other journal articles

Click here to download the complete January 2010 issue.

 

Nominations Open for ISSA Fellow Program

All nominations must be received by midnight US Pacific time on February 15

The ISSA Fellow Program recognizes remarkable accomplishments in the field of information security and leadership as well as future service to the association and profession. Members may be awarded Fellow status in three categories Senior Member, Fellow or Distinguished Fellow. Candidates may be nominated by an existing Fellow of comparable rank, Chapter Presidents Advisory Council (CPAC) representative, International Board member or, in the case of Senior Member, a Chapter President.

Nominations will be accepted for the ISSA Fellow Program from January 11 until midnight US Pacific time on February 15, 2010. For details on the qualifications and nomination process, click here.

 

Submit the Most Over-Hyped Security Story and Win

There’s still time for you to propose your recommendation for the Most Over-hyped Security Story of the year. Login to ISSA Connect.

Nominations to date include the H1N1 pandemic and “spam filter to fight global warming”. Put on your thinking caps and search your archives for the story most talked about and least meaningful to the information security community in 2009. Submit up to 3 nominations (along with links to stories, blogs, press releases, etc. related to the event) and make your case. If you don’t have your own candidate, help make the case for or argue against the current nominees. Click here for details.

If your nomination is chosen by a vote of ISSA members as the most compelling, you will win prizes and recognition beyond your wildest dreams! That is, if your wildest dreams are limited to awesome recognition and some ISSA merchandise.

If you haven’t yet explored Connect, click here to get started. As with any new software with such a broad feature set, getting the hang of how to use the Jive software can be a challenge. This session will provide an informal overview of ways to get around Connect – see who is Connected, start a discussion, post a comment in the online Journal, and more.

 

2010 ISSA Web Conferences

Cyber Crime: Redefining the Criminal World

Live Event: January 26, 2010
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Click here to register for this upcoming ISSA Web Conference

Web Conference Overview:  While crime still occurs in what we think of as a traditional fashion, the advent of high speed public networks and portability of corporate secrets has enabled it to evolve. That is we find ourselves dealing with an entirely new class of crime. This crime is very effective given the speeds of networks and or their access to key assets. What makes it worse is that the crime may be perpetrated y entities not even in the legal jurisdiction of where the crime takes place. Understanding how some of these crimes occurred and what could have been done to prevent them is crucial for our profession.

Sponsored by:

Information Security Legislative Trends

Live Event: February 16, 2010

Data Privacy: Complying with Current Laws

Live Event: March 16, 2010

Sponsored by:

Securing Mobile Devices

Live Event: April 20, 2010

Application Security: Selling Application Security to Upper Management

Live Event: May 11, 2010

Cloud Computing: Relationships with Third Party “Trusted” Security Providers

Live Event: June 15, 2010

Biometrics: State of the Union

Live Event: August 31, 2010

Interested in sponsoring these ISSA educational programs? Click here for details.

 

ISSA Events

2010 ISSA International Conference

Connect & Collaborate

• September 15 – 17, 2010
• Atlanta, Georgia - USA

Mark your calendar to connect and collaborate at the 2010 ISSA International Conference

For event details CLICK HERE

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

San Francisco, CA	February 28 - March 1, 2010
Washington, DC Area	May 20 - 21, 2010
Atlanta, GA	September 16 - 17, 2010
TBD	November 2010

For details on the CISO Forum please visit CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

CLICK HERE for upcoming ISSA Chapter Events

 

Industry Events

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
For event details and registration CLICK HERE

SecureWorld Expo

February 10 - 11, 2010

• Houston SecureWorld Expo
• Reliant Center
• Houston, TX, USA

March 23 - 24, 2010

• Boston SecureWorld Expo
• Hynes Convention Center
• Boston, MA, USA

April 27 - 28, 2010

• Atlanta SecureWorld Expo
• Cobb Galleria Centre
• Atlanta, GA, USA

May 12 - 13, 2010

• Philadelphia SecureWorld Expo
• Valley Forge Convention Center
• King of Prussia, PA, USA

September 22 - 23, 2010

• Bay Area SecureWorld Expo
• Santa Clara Convention Center
• Santa Clara, CA, USA

October 6 - 7, 2010

• Detroit SecureWorld Expo
• Ford Conference and Event Center
• Dearborn, MI, USA

October 27 - 28, 2010

• Seattle SecureWorld Expo
• Meydenbauer Convention Center
• Bellevue, WA, USA

November 3 - 4, 2010

• Dallas SecureWorld Expo
• Plano Convention Centre
• Plano, TX, USA

December 7 - 8, 2010

• Phoenix SecureWorld Expo
• Phoenix Convention Center
• Phoenix, AZ, USA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS10.

SecureWorld+ Extended Training 2010 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS10.

For event details and registration go to: http://www.secureworldexpo.com/

CLICK HERE for more upcoming Industry Events

In this Issue

1. ISSA Membership Survey: Tell Us What You Value
2. Simple Guide to European Union Data Privacy
3. September 15-17: The ISSA International Conference
4. Want to Get Connect-ed, But Don’t Know How to Start?
5. InfoSec, 2009 Year in Review and Forecasts for 2010
6. 2010 ISSA Web Conference Series
7. Industry On-Demand Webinars
8. ISSA Events
9. Industry Events

Sponsor

Access the complete Gartner report and get in-depth analysis of the Mobile Data Protection market, compliments of GuardianEdge.

This white paper will provide the reader with guidance on developing a strategic approach to managing and monitoring logs that enables more efficient compliance with regulatory mandates and more effective defense against security threats.

ISSA Membership Survey: Tell Us What You Value

Please take a few minutes to complete this membership survey with your thoughtful assessment of which current ISSA member services you use – and get a chance to win one of two $100 VISA gift cards.

As an ISSA member you are part of a trusted, global information security community dedicated to helping you gain the professional relationships, knowledge and expertise to support you throughout your career and advance the profession as a whole.

Your input is confidential and will let us serve you and your colleagues more effectively.

 

Simple Guide to European Union Data Privacy

Featured ISSA Journal Article

By Karen Öqvist

How can data privacy requirements in the European Union be a driver for data privacy initiatives worldwide? What does it mean to have a data privacy directive for EU member states, and how does this really work in practice?

Click here to login to ISSA Connect and continue reading this or other journal articles

Click here to download the complete December 2009 issue.

 

September 15-17: The ISSA International Conference

Connect & Collaborate

September 15 - 17, 2010
Atlanta, Georgia - USA

We live in an era when the need for information security is growing exponentially. The virtual world brings us a wealth of opportunities for networking and knowledge, but nothing can completely eclipse the trust and information that result from face-to-face connections. You are invited to the ISSA International Conference to share our collective expertise and resources to proactively address the threats and devise solutions for the challenges we face.

Mark your calendar to connect and collaborate at the 2010 ISSA International Conference

ISSA International Conference Events Include:

September 15 - Chapter Leaders Congress

September 16 - ISSA International Conference

September 16 - ISSA Connect – In Person

September 17 - CISO Forum

Volunteers Needed!

Use your talents to bring together the educational offerings, presenters and activities that will be most valuable to you and your colleagues. Work with ISSA leaders and staff to provide direction and shape the conference. 

Committees include:

• Content Development
• Attendee Development
• Sponsorship and Exhibits
• On-Site Support

Email Kate Kanapeaux if you would be interested in lending your time and talent.

Sponsorship Opportunities:

Opportunities to be a sponsor of the event will be available to a limited numbers of companies. Contact Tom Bechtold for information on how your company can get involved.

 

Want to Get Connect-ed, But Don’t Know How to Start?

Click here to begin viewing this webcast

Webcast Overview: Want to get Connect-ed but don’t know where to start? Hopefully by now, you’ve heard of ISSA’s new social network, Connect. As with any new software with such a broad feature set, getting the hang of how to use the Jive software can be a challenge. This session will provide an informal overview of ways to get around Connect – see who is Connected, start a discussion, post a comment in the online Journal, and more.

 

InfoSec, 2009 Year in Review and Forecasts for 2010

Click here to register and begin viewing this ISSA Web Conference

Presentation Includes:

Michael J. Corby - Consulting Director, M Corby & Associates, Inc.

Andy Jones, CISSP - Principal Research Consultant, Information Security Forum

Alex Horan - Director of Product Management with Core Security Technologies

Sponsored by:

CLICK HERE to access this and other ISSA Web Conferences

 

2010 ISSA Web Conferences

Cyber Crime: Redefining the Criminal World

Live Event: January 26, 2010

Sponsored by:

Information Security Legislative Trends

Live Event: February 16, 2010

Data Privacy: Complying with Current Laws

Live Event: March 16, 2010

Sponsored by:

Securing Mobile Devices

Live Event: April 20, 2010

Application Security: Selling Application Security to Upper Management

Live Event: May 11, 2010

Cloud Computing: Relationships with Third Party “Trusted” Security Providers

Live Event: June 15, 2010

Biometrics: State of the Union

Live Event: August 31, 2010

Interested in sponsoring these ISSA educational programs? Click here for details.

 

Industry Webinars

The Audit-Ready Datacenter -- driving the missteps, blindspots, pain and resource consumption out of compliance

Click here to register for this on-demand webinar

Sponsored by:

Protecting Data on Removable Media - The Next Step in Data Protection

Click here to register for this on-demand webinar

Sponsored by: 

Protecting Your Applications from Backdoors: How to Secure Your Business Critical Applications from Time Bombs, Backdoors & Data Leakage

Click here for webinar details and registration link

Sponsored by:

CLICK HERE for a list of all Industry Webinars

 

ISSA Events

2010 ISSA International Conference

Connect & Collaborate

• September 15 – 17, 2010
• Atlanta, Georgia - USA

Mark your calendar to connect and collaborate at the 2010 ISSA International Conference

For event details CLICK HERE

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

San Francisco, CA	February 28 - March 1, 2010
Washington, DC Area	May 20 - 21, 2010
Atlanta, GA	September 16 - 17, 2010
TBD	November 2010

For details on the CISO Forum please visit CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

CLICK HERE for upcoming ISSA Chapter Events

 

Industry Events

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
For event details and registration CLICK HERE

SecureWorld Expo

February 10 - 11, 2010

• Houston SecureWorld Expo
• Reliant Center
• Houston, TX, USA

March 23 - 24, 2010

• Boston SecureWorld Expo
• Hynes Convention Center
• Boston, MA, USA

April 27 - 28, 2010

• Atlanta SecureWorld Expo
• Cobb Galleria Centre
• Atlanta, GA, USA

May 12 - 13, 2010

• Philadelphia SecureWorld Expo
• Valley Forge Convention Center
• King of Prussia, PA, USA

September 22 - 23, 2010

• Bay Area SecureWorld Expo
• Santa Clara Convention Center
• Santa Clara, CA, USA

October 6 - 7, 2010

• Detroit SecureWorld Expo
• Ford Conference and Event Center
• Dearborn, MI, USA

October 27 - 28, 2010

• Seattle SecureWorld Expo
• Meydenbauer Convention Center
• Bellevue, WA, USA

November 3 - 4, 2010

• Dallas SecureWorld Expo
• Plano Convention Centre
• Plano, TX, USA

December 7 - 8, 2010

• Phoenix SecureWorld Expo
• Phoenix Convention Center
• Phoenix, AZ, USA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS10.

SecureWorld+ Extended Training 2010 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS10.

For event details and registration go to: http://www.secureworldexpo.com/

CLICK HERE for more upcoming Industry Events

In this Issue

1. Your December ISSA Journal
2. Announcing: The ISSA International Conference
3. InfoSec, 2009 Year in Review and Forecasts for 2010 – ISSA Web Conference
4. Want to Get Connect-ed, But Don’t Know How to Start?– Online Training: December 15
5. 2010 ISSA Web Conferences
6. ISSA Journal Call for Articles
7. ISSA Career Center
8. Industry On-Demand Webinars
9. ISSA Events
10. Industry Events

Sponsor

Access the complete Gartner report and get in-depth analysis of the Mobile Data Protection market, compliments of GuardianEdge.

This white paper will provide the reader with guidance on developing a strategic approach to managing and monitoring logs that enables more efficient compliance with regulatory mandates and more effective defense against security threats.

Your December ISSA Journal

Featured ISSA Journal Article

“Does Privacy Exist in the Age of Social Networking?”

By Mark Kadrich –  ISSA member, Silicon Valley, USA Chapter

There’s an increasing breakdown of the traditional boundaries between personal and public information, and in the age of Facebook and Twitter, it is a time of cultural shift that is going to take a while to stabilize itself and shake out.

Abstract: Privacy in the Internet age is an emerging and evolving right, and with the rapid breakdown of the traditional boundaries between personal and public information, it is a time of cultural shift that will take a while to stabilize. What you do to adjust can help you ride the wave or crash into the sand. The following article looks at different privacy issues arising in our society today and offers recommendations on how to keep you and your company floating somewhat peacefully through the changes.

Click here to login and continue reading this or other journal articles

 

Announcing: The ISSA International Conference

Connect & Collaborate

September 15 - 17, 2010
Atlanta, Georgia - USA

We live in an era when the need for information security is growing exponentially. The virtual world brings us a wealth of opportunities for networking and knowledge, but nothing can completely eclipse the trust and information that result from face-to-face connections. You are invited to the ISSA International Conference to share our collective expertise and resources to proactively address the threats and devise solutions for the challenges we face.

Mark your calendar to connect and collaborate at the 2010 ISSA International Conference

ISSA International Conference Events Include:

September 15 - Chapter Leaders Congress

September 16 - ISSA International Conference

September 16 - ISSA Connect – In Person

September 17 - CISO Forum

Volunteers Needed!

Use your talents to bring together the educational offerings, presenters and activities that will be most valuable to yourself and your colleagues. Work with ISSA leaders and staff to provide direction and shape the conference. 

Committees include:

• Content Development
• Attendee Development
• Sponsorship and Exhibits
• On-Site Support

Email Kate Kanapeaux if you would be interested in lending your time and talent.

Sponsorship Opportunities:

Opportunities to be a sponsor of the event will be available to a limited numbers of companies. Contact Tom Bechtold for information on how your company can get involved.

 

InfoSec, 2009 Year in Review and Forecasts for 2010

CLICK HERE to register for this ISSA Web Conference

Live Broadcast: December 8, 2009
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Presentation Includes:

Michael J. Corby - Consulting Director, M Corby & Associates, Inc.
Presenting: Responding to Data Privacy Regulations

Andy Jones, CISSP - Principal Research Consultant, Information Security Forum
Presenting: Threat Horizon 2010 - Information Security Threats of the Future

Alex Horan - Director of Product Management with Core Security Technologies
Presenting: Current and Emerging Threats

Web Conference Sponsored by: Core Security Technologies

CLICK HERE to register for this ISSA Web Conference

CLICK HERE to access this and other ISSA Web Conferences

 

Want to Get Connect-ed, But Don’t Know How to Start?

Online Training Webcast

Live Event: December 15, 2009
Start Time: 9:00 am US Pacific/ Noon US Eastern/ 5:00pm London

Webcast Overview: Want to get Connect-ed but don’t know where to start? Hopefully by now, you’ve heard of ISSA’s new social network, Connect. As with any new software with such a broad feature set, getting the hang of how to use the Jive software can be a challenge. This session will provide an informal overview of ways to get around Connect – see who is Connected, start a discussion, post a comment in the online Journal, and more.

Please come to ask your questions about Connect and provide any feedback on its usage.

CLICK HERE to register for this ISSA Webcast

 

2010 ISSA Web Conferences

Cyber Crime: Redefining the Criminal World

Live Event: January 26, 2010
Interested in sponsoring this educational program? Click here for details.

Information Security Legislative Trends

Live Event: February 16, 2010
Interested in sponsoring this educational program? Click here for details.

Data Privacy: Complying with Current Laws

Live Event: March 16, 2010
Sponsored by: Websense

Securing Mobile Devices

Live Event: April 20, 2010
Interested in sponsoring this educational program? Click here for details.

Application Security: Selling Application Security to Upper Management

Live Event: May 11, 2010
Interested in sponsoring this educational program? Click here for details.

Cloud Computing: Relationships with Third Party “Trusted” Security Providers

Live Event: June 15, 2010
Interested in sponsoring this educational program? Click here for details.

 

ISSA Journal Call for Articles

PCI DSS is hotly debated among security professionals, industry pundits, and the victims of its oppressive enforcement. If you accept one or one billion cards per year, you must comply! Companies affected by PCI DSS have varying solutions and security as a baseline decreases the cost to comply. As a security practitioner, what insights, methods, and techniques do you have addressing and ensuring compliance? Please submit articles by December 14 to the ISSA Journal Editor.

Editorial guidelines are available in the Journal section of http://www.issa.org/.

 

ISSA Career Center

Career Opportunities Now Available

Below are a few of the many job posting:

Manager, Computer Security Team
Dartmouth-Hitchcock Medical Center
Lebanon, NH, United States

Assistant Professor, Information Security
University of Calgary
Calgary, AB, Canada

Information Security Associate (516672)
Excel Partners, Inc.
Westport, CT

Information Security - Senior Associate
PricewaterhouseCoopers
McLean, VA, United States

Computer Forensics Examiner
BAE Systems
Herndon, VA, United States

Information Security Engineer
Petsmart
Phoenix, AZ, United States

Director, Information Technology Security
Transamerica
Los Angeles, CA, United States

 

Industry Webinars

The Audit-Ready Datacenter -- driving the missteps, blindspots, pain and resource consumption out of compliance

Click here to register for this on-demand webinar

Sponsored by: AccelOps

Protecting Data on Removable Media - The Next Step in Data Protection

Click here to register for this on-demand webinar

Sponsored by: GuardianEdge



Click here for more webinar details

Protecting Your Applications from Backdoors: How to Secure Your Business Critical Applications from Time Bombs, Backdoors & Data Leakage

Click here for webinar details and registration link

Sponsored by: Veracode

CLICK HERE for a list of all Industry Webinars

 

ISSA Events

 

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

San Francisco, CA	February 28 - March 1, 2010
Washington, DC Area	May 20 - 21, 2010
Atlanta, GA	September 16 - 17, 2010
TBD	November 2010

For details on the CISO Forum please visit CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

CLICK HERE for upcoming ISSA Chapter Events

 

Industry Events

Anatomy of an Attack: How Hackers Threaten Your Security

• Wednesday, December 9, 2009
• 10:00 a.m. - 2:00 p.m.
• Marriott Minneapolis City Center
• 30 South 7th Street
• Minneapolis, MN, USA

Free to all ISSA Members – Click here to register

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
For event details and registration CLICK HERE

SecureWorld Expo

February 10 - 11, 2010

• Houston SecureWorld Expo
• Reliant Center
• Houston, TX, USA

March 23 - 24, 2010

• Boston SecureWorld Expo
• Hynes Convention Center
• Boston, MA, USA

April 27 - 28, 2010

• Atlanta SecureWorld Expo
• Cobb Galleria Centre
• Atlanta, GA, USA

May 12 - 13, 2010

• Philadelphia SecureWorld Expo
• Valley Forge Convention Center
• King of Prussia, PA, USA

September 22 - 23, 2010

• Bay Area SecureWorld Expo
• Santa Clara Convention Center
• Santa Clara, CA, USA

October 6 - 7, 2010

• Detroit SecureWorld Expo
• Ford Conference and Event Center
• Dearborn, MI, USA

October 27 - 28, 2010

• Seattle SecureWorld Expo
• Meydenbauer Convention Center
• Bellevue, WA, USA

November 3 - 4, 2010

• Dallas SecureWorld Expo
• Plano Convention Centre
• Plano, TX, USA

December 7 - 8, 2010

• Phoenix SecureWorld Expo
• Phoenix Convention Center
• Phoenix, AZ, USA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS10.

SecureWorld+ Extended Training 2010 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS10.

For event details and registration go to: http://www.secureworldexpo.com/

CLICK HERE for more upcoming Industry Events

In this Issue

1. 60 Minutes: “Cyber War - Sabotaging the System”
2. Security Unawareness: Influencing Security Awareness Beyond Incident Response
3. The Impact of Data Disclosure – Featured ISSA Journal Article
4. Call for Volunteers: ISSA Connect and Web Conferences
5. ISSA Journal Goes Digital
6. ISSA Web Conferences
7. Earn CPE Credits - Submit a Whitepaper Today!
8. Industry Webinars
9. ISSA Events
10. Industry Events

Sponsor

Access the complete Gartner report and get in-depth analysis of the Mobile Data Protection market, compliments of GuardianEdge.

The State of Internet Security has changed. Classifying internet content is what the Websense® ThreatSeeker Network is all about – discovering, classifying and monitoring global Internet threats and trends. Learn more about the State of Internet Security and what you need to do to protect yourself. http://www.websense.com/

60 Minutes: “Cyber War - Sabotaging the System”

Steve Kroft investigates why President Obama has made cyber war defense a top national security priority. View the video and join the discussion threads on ISSA Connect under Hot Security Topics.

Security Unawareness: Influencing Security Awareness beyond Incident Response

ISSA Web Conference – Now On Demand

Security incidents, while outwardly technical seeming, are normally - in fact - often caused by staff behavior. Incident wash-ups and problem resolution must look at the root cause of such incidents and, therefore look at both the technical and people aspects in order to ensure that the incident doesn't happen again. Security awareness is crucial to effective information security and to both governance & compliance.

Click here to view the Web Conference and earn CPE credits. You will get valuable insight from:

• David Lacey - Independent researcher and consultant, UK
• Marnie Wilking - VP, Information Security Management, Wells Fargo
• Assaf Litai - VP, Websense, Inc.

Sponsored by: Websense

The Impact of Data Disclosure – Featured ISSA Journal Article

By Jason Andress – ISSA member, Colorado Springs, USA Chapter

This article discusses the mechanisms through which data is disclosed and exploited, both on an organizational and on an individual level, and covers steps that might be taken to mitigate such events.

Abstract
After years of research by security professionals, the challenge of unauthorized or unintended data disclosure continues to grow. Further complicating this issue is the criminal element, ready to exploit the disclosed data for fraudulent monetary gain. This article discusses the mechanisms through which data is disclosed and the exploitation of this data, both on an organizational and on an individual level. Also covered are steps that might be taken to mitigate such events.

Click here to continue reading this and other ISSA Journal articles

Call for Volunteers: ISSA Connect and Web Conferences

Connectors

We are looking for volunteers to help foster dialogue in ISSA Connect. Would you be willing to use your skills to encourage your peers to discuss the latest trends and topics in information security?

“Connectors” or discussion facilitators will be asked to regularly monitor specific threads and contribute their own expertise or reach out to knowledgeable colleagues to help answer questions or share their unique experiences. If you would be willing to help, please contact Dana Paulino.

Web Conferences

Would you be willing to help shape the educational programs offered through ISSA International by joining the Educational Advisory Council (EAC) Web Conferences committee?

Volunteers will be asked to meet monthly and provide assistance in developing monthly ISSA Web Conferences for the 2010 calendar year. The Web Conferences committee is responsibile for content development, speaker recommendations, referrals and overall educational program development for these monthly educational offerings. If you would be willing to help, please contact Jen Huber.

The ISSA Journal Goes Digital

The first all-digital issue of the ISSA Journal was delivered to all members electronically on November 2. As part of the initiative to leverage new technologies for greater access and interaction, the ISSA Journal will go paperless for 10 months of the year. Twice a year – in February and August – you will receive a printed edition in the mail. Click here to read the following feature and other articles in the November issue using BlueToad or you can also download a PDF format to your smart phone or electronic reader. Try it today!

ISSA Web Conferences

InfoSec, 2009 Year in Review and Forecasts for 2010

Sponsored by: Core Security Technologies

Live Event: December 8, 2009
Start Time: 9:00 am US Pacific / Noon US Eastern/ 5:00 pm GMT

CLICK HERE to register for this upcoming Web Conference

Web Conference Overview: The goal of the December ISSA Web Conference is to provide a review of security incidents that have occurred over the past year, identify those that are relevant or insightful into current and future trends. Speakers will be asked to describe the security incidents that they felt were most significant over the past 12 months and comment on how these challenges may (potentially) foreshadow the future and/or lead to disasters.

CLICK HERE to access this and other ISSA Web Conferences

Earn CPE Credits - Publish a Whitepaper Today!

Members can earn CPE credits by publishing a whitepaper! Here is a list of potential paper topics:

Green IT and information security

International perspectives on various challenges faced by information security professionals

Cloud computing

VoIP

Career Corner - Insights from professionals on career choices, training, certifications, mentoring

Checklist of best current practices

Interviews with security executives to showcase challenges that they face

Consumer security

Latest in cryptography

Reference articles - cryptographic algorithms/other security concepts explained from a theoretical perspective

In order to be responsive to emerging threats, technological advancements, and influences within information security, one must tap into the experience and expertise of the professional community. ISSA is soliciting whitepaper submissions by information security professionals that look to inform and educate peers and professionals regarding issues and trends in the industry. Articles are reviewed on the basis of relevance (suitability for readership), timeliness (how in sync content is within an ever changing industry), utility (how directly useful it is), credibility (citations and scholarly awareness), and innovation (how uncommon the topic is).

CLICK HERE to check out a whitepaper submitted by the ISSA UK Chapter - Identity Assurance “Who do you think you are?”

CLICK HERE for details on whitepaper formatting, evaluation and submission requirements.

Industry Webinars

CLICK HERE for a list of all Industry Webinars

The Audit-Ready Datacenter -- driving the missteps, blindspots, pain and resource consumption out of compliance

Click here to register for this on-demand webinar

Sponsored by: AccelOps

Protecting Data on Removable Media - The Next Step in Data Protection

Click here to register for this on-demand webinar

Sponsored by: GuardianEdge



Click here for more webinar details

Protecting Your Applications from Backdoors: How to Secure Your Business Critical Applications from Time Bombs, Backdoors & Data Leakage

Click here for webinar details and registration link

Sponsored by: Veracode

ISSA Events

 

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

San Francisco, CA	February 28 - March 1, 2010
Washington, DC Area	May 20 - 21, 2010
Atlanta, GA	September 16 - 17, 2010
TBD	November 2010

For details on the CISO Forum please visit CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

CLICK HERE for upcoming ISSA Chapter Events

Industry Events

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
For event details and registration CLICK HERE

SecureWorld Expo

February 10 - 11, 2010

• Houston SecureWorld Expo
• Reliant Center
• Houston, TX, USA

March 23 - 24, 2010

• Boston SecureWorld Expo
• Hynes Convention Center
• Boston, MA, USA

April 27 - 28, 2010

• Atlanta SecureWorld Expo
• Cobb Galleria Centre
• Atlanta, GA, USA

May 12 - 13, 2010

• Philadelphia SecureWorld Expo
• Valley Forge Convention Center
• King of Prussia, PA, USA

September 22 - 23, 2010

• Bay Area SecureWorld Expo
• Santa Clara Convention Center
• Santa Clara, CA, USA

October 6 - 7, 2010

• Detroit SecureWorld Expo
• Ford Conference and Event Center
• Dearborn, MI, USA

October 27 - 28, 2010

• Seattle SecureWorld Expo
• Meydenbauer Convention Center
• Bellevue, WA, USA

November 3 - 4, 2010

• Dallas SecureWorld Expo
• Plano Convention Centre
• Plano, TX, USA

December 7 - 8, 2010

• Phoenix SecureWorld Expo
• Phoenix Convention Center
• Phoenix, AZ, USA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS10.

SecureWorld+ Extended Training 2010 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS10.

For event details and registration go to: http://www.secureworldexpo.com/

CLICK HERE for more upcoming Industry Events

In this Issue

1. “16 Assessing and Managing Security Risks Unique to Java and .NET”
2. Security Unawareness: Influencing Security Awareness beyond Incident Response
3. Connect. Collaborate. Learn. Excel!
4. ISSA Journal Call for Articles
5. Earn CPE Credits - Submit a Whitepaper Today!
6. Industry On-Demand Webinars
7. ISSA Events
8. Industry Events

Sponsor

Gartner on Next-Gen Firewalls. If you are buying or refreshing a firewall or IPS, you must read this report. Download a free copy now.

The ISSA Journal Goes Digital

The first all-digital issue of the ISSA Journal was delivered to all members electronically on November 2. As part of the initiative to leverage new technologies for greater access and interaction, the ISSA Journal will go paperless for 10 months of the year. Twice a year – in February and August – you will receive a printed edition in the mail. Click here to read the following feature and other articles in the November issue using BlueToad or go to ISSA Connect. You can also download a pdf format to your smart phone or electronic reader. Try it today!

“16 Assessing and Managing Security Risks Unique to Java and .NET”

By Sebastian Holst

This article enumerates specific risks unique to managed code, guidance on assessing organizational materiality of these risks, and an inventory of broadly recognized risk-mitigation technologies and practices.

Click here to continue reading this and other Journal articles

Security Unawareness: Influencing Security Awareness beyond Incident Response

ISSA Web Conference

Sponsored by: Websense

Date: November 17, 2009
Start Time: 9:00am US Pacific / Noon US Eastern/ 5:00pm GMT

CLICK HERE to register now for the upcoming November ISSA Web Conference

Web Conference Overview:
Security incidents, while outwardly technical seeming, are normally - in fact - often caused by staff behavior. Incident wash-ups and problem resolution must look at the root cause of such incidents and, therefore look at both the technical and people aspects in order to ensure that the incident doesn't happen again. Security awareness is crucial to effective information security and to both governance & compliance.

CLICK HERE to access this and other ISSA Web Conferences

Connect. Collaborate. Learn. Excel!

Share your thoughts online:

Where should you keep your passwords?

Is annual loss expectancy (ALE) overrated?

How are you dealing with reputation systems?

What are the qualities of a good security professional?

Connect is heading in your direction – providing up to the minute feedback on pressing issues.

Come be a part of the solution as you share your thoughts, see what others have to say, and experience professional growth amidst peers and colleagues.

Then, get down to the business of connecting, collaborating, learning, and excelling! CLICK HERE to login to ISSA Connect!

ISSA Journal Call for Articles

From the onslaught of federal and international privacy regulations to U.S. states such as California, Massachusetts, and Nevada passing their own privacy laws, the legal and information security worlds are continually on a crash course. These regulations are greatly impacting organizations and businesses. Have you had to rethink which third- party service providers can process your data or had to cancel a project because it may not properly protect personally identifiable information?

The ISSA Journal is looking for articles describing how these laws are affecting an organization’s information security strategies, customer relations, disclosure, and data retention. What are you doing about it? Deadline for articles is November 13 or sooner. Send to the ISSA Journal Editor.

Earn CPE Credits - Publish a Whitepaper Today!

Members can earn CPE credits by publishing a whitepaper! Here is a list of potential paper topics:

Green IT and information security

International perspectives on various challenges faced by information security professionals

Cloud computing

VoIP

Career Corner - Insights from professionals on career choices, training, certifications, mentoring

Checklist of best current practices

Interviews with security executives to showcase challenges that they face

Consumer security

Latest in cryptography

Reference articles - cryptographic algorithms/other security concepts explained from a theoretical perspective

In order to be responsive to emerging threats, technological advancements, and influences within information security, one must tap into the experience and expertise of the professional community. ISSA is soliciting whitepaper submissions by information security professionals that look to inform and educate peers and professionals regarding issues and trends in the industry. Articles are reviewed on the basis of relevance (suitability for readership), timeliness (how in sync content is within an ever changing industry), utility (how directly useful it is), credibility (citations and scholarly awareness), and innovation (how uncommon the topic is).

CLICK HERE to check out a whitepaper submitted by the ISSA UK Chapter - Identity Assurance “Who do you think you are?”

CLICK HERE for details on whitepaper formatting, evaluation and submission requirements.

Industry On-Demand Webinars

Patch Management Best Practices - The Foundation for Application Security

Sponsored by: BigFix, Inc.
Click here for more webinar details

Enabling the Collaborative Enterprise without Putting Your Company at Risk

Sponsored by: Palo Alto Networks
Click here for more webinar details

Strategies for Safely Enabling Web 2.0 and Preventing Data Loss

Sponsored by: Websense
Click here for more webinar details

For other on-demand Industry Webinars, CLICK HERE

ISSA Events

 ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

For details on the CISO Forum CLICK HERE.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. CLICK HERE for complete membership criteria is available at.

CLICK HERE for upcoming ISSA Chapter Events

Industry Events

RSA Conference USA 2010

• March 1 – 5, 2010
• Moscone Center
• San Francisco, CA, USA

Cost: $1,495 – $2,195
Discount to ISSA Members: $150
Discount Code: CLICK HERE to request
For event details and registration CLICK HERE

CLICK HERE for more upcoming Industry Events