ISSA E-News: January 26, 2012

Webcast Description:

Register now for an informative on-demand webcast featuring Gartner Analyst, John Pescatore and FireEye CEO, Ashar Aziz. Hear from Gartner and FireEye on how today’s next-generation cyber attacks are bypassing traditional defenses, impacting business (this is inclusive to hard and soft costs), and what companies can do to protect their critical assets. Gain more insight into recent cyber attacks, why traditional defenses failed, and how some companies are already protecting themselves from targeted APTs.

Click here to register for this on-demand industry webinar recorded live November 15, 2011

ISSA Journal Call for Articles: Looking to the Future

Deadline for submission: January 6

As we look to the future, how can we prepare for the inevitable evolution in regulations, in data protection, in privacy, in the threat landscapes, in...? We’ve seen tremendous technological changes; certainly equal if not greater change is on the horizon. Will it be possible to protect all data? Or will we only be able to assure a subset of the absolutely critical information? With the unprecedented expansion of social media and data mining technologies, will individual, personal privacy become a concept of the past, merely an illusion? How do we protect a network infrastructure with a disappearing perimeter and wireless access anywhere, anytime? How do we develop, manage, and maintain secure code, architectures, and enterprises that can successfully address new forms of connectivity and the information contained therein?

The criminals continue to probe and penetrate; security professionals react and remediate. How can security take to the offensive and beat the criminals at their own game? How do we best train the next generation of security professionals? How do we best educate the next generation of information users and consumers? What do you see down the road?

The ISSA Editorial Advisory Board invites you to share your “real-life” experiences, techniques, processes, and perspectives to help the information security community engage the future and succeed.

Please submit articles by January 6 to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. Click here for more issue theme descriptions.

ISSA Events

Have a chapter event to post? Let us know!

ISSA CISO Executive Forum

San Francisco, CA	February 25 - 26, 2012
Denver, CO	May 16 - 17, 2012
Boston, MA	August 2012
Anaheim, CA	October 26-27, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

ISSA International Conference

Date: October 25-26, 2012
Location: Disneyland Hotel Anaheim, CA – USA

Special Events Held in Conjunction with the International Conference:

Chapter officers plan on arriving in Anaheim early to attend the Chapter Leaders Summit on October 24*.
CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 27*, immediately following the International Conference.

*Open to qualified attendees only.

If you have question about the Conference please email: conference customer service.

For more information click here

January Northwest Arkansas Chapter Meeting

Date: Tuesday, January 3, 2012
Time: 11:00 AM - 1:00 PM
Location: Dinks Bar-B-Que 3404 SE Macy Rd #18, Bentonville, AR
Cost: Free

The chapter meeting will include a presentation by Vernon Habersetzer, Sr. Technical Expert and Team Lead for Walmart’s Incident Response Team. Habersetzer’s team was awarded a patent for the equipment he built to aid in incident response and computer forensic investigations, which he will demonstrate at the meeting. Habersetzer has spent the past 11 years of his career in the computer forensics and incident response fields in both retail and health care environments. He holds the CFE, GCFA, GCIH, CISSP, EnCE, and CISA certifications. His team was the recipient of the SANS Lethal Forensicator coin in 2011.

Phoenix Chapter Invites You to Its Q1/12 Quarterly Training Forum

Date: Tuesday, January 10, 2012
Time:11:30 AM - 5 PM 11:30-12:00 PM sign-in, pickup lunch, and network
Location: ITT Technical Institute 5005 W. Wendler Dr., Tempe, AZ 85282 (NW Corner, I-10 & Baseline, Across from Fry's Electronics)
Cost: Event Cost: ISSA Members attend free when pre-registering. Walk-ins, Guests, and Non-Members $25. Bring your peers and managers—guests are welcome anytime.

Please join us! Our speakers represent security leaders in different industries who will share their insights and expertise. Stay on top of an ever-changing field with leading edge content. Get a free lunch and snacks. Earn 4 hours CPE credits for certification maintenance (we provide the certificate). Meet and network with other security professionals. Win great door prizes!

For event details and registration go to: http://phoenix.issa.org

This event will be full—don’t wait to register!

Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

The Raleigh ISSA Chapter is holding an (ISC)² CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

Date: Saturdays, March 10, 17, 24, 2012
Time: 8 AM - 3PM
Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

Cost for all three sessions (includes breakfast, lunch and refreshments):

$50 ISSA
$75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
$100 for all others
No Refunds

Required student resources:

Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)² Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
Forum: See the http://cccure.org/ Web site for answers to your questions and more.

To register and for more information click here

Industry Events

SecureWorld Expo

2012 Schedule of Events

Boston March 28-29
Atlanta April 10-11
Houston April 17-18
Charlotte May 2-3
Philadelphia May 23-24

SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security. SecureWorld helps IT professionals earn required CPE training credits. Located in different regions throughout the U.S, SecureWorld is at the convergence of Information Security, Physical Security, GRC, IT Audit, Computer Forensics, Business Continuity, Consumerization, Cloud Security, Privacy, and Security Awareness.

Along with a regional approach to content, nationally recognized security companies use SecureWorld as a way to meet and network with security professionals regionally. By bringing the national security companies together with local security professionals, attendees are able to seek out solutions to their enterprise security needs in an effective and efficient manner.

ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits and Open Sessions with Lunch Keynote, and 12 CPE credits. Register online ISSNWS12.

SecureWorld + Extended Training 2012 includes 4+ hours of intensive training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld + pass is only $495 with a special ISSA member discount, register using code ISSNWS12.

For conference details and to register go to http://www.secureworldexpo.com.

FloCon 2012 Conference

Dates: January 9-12, 2012
Location: Austin, TX
Cost: $650
Discount to ISSA members: 10%
Discount Code: FLOISSA11

FloCon brings together analysts and researchers who understand the value that flow analysis brings to network situational awareness and scalable solutions. FloCon 2012 will focus on the progression of analytics from ideas, to prototypes, to tools. Each phase has its own set of successes, but it also raises its own set of challenges. Which case studies spark the seed of a new idea? How can flow data help refine a static signature? What are the costs/benefits of implementing a technique at the large-scale network level versus the host level? Join us on January 9-12, 2012 to learn more!

For more information and to register click here

HIPAA Audit Prep BootCamp

Dates: February 9, 2012 from 8:30 AM to 5:00 PM
Location: Hilton Garden Inn-Atlanta Airport North
Cost: $595 for general public $495 for ISSA members
Discount Code: Enter “ISSA MEMBER” in the “How Did You Find Us” box on the registration page.Use “ATL-ISSA” on shopping cart (payment) page to receive $495 ISSA rate
Attendees: CEOs, CFOs, CIOs, Compliance Officers of Covered Entities and Business Associates

This event will cover privacy, security and breach regulatory requirements,OCR Audit Program,best practices for audit preparation, tools to facilitate compliance programs, and practical hands-on exercises. Benefits for attendees include: step-by-step implementation strategy,understanding regulations, understanding new compliance enforcement, creating “single source of truth” repository for documentation,evaluating current safeguards,recognizing high priority gaps in compliance program, identifying key progress metrics, and gaining a competitive advantage.

To register and for more information click here.

RSA Conference USA

Date(s): Feb 27- Mar 2, 2012
Location: San Francisco, CA
Cost: $1,595 - $2,295
Discount to ISSA Members: $150
Discount Code: 1212ISSADL15

RSA® Conference helps drive the information security agenda worldwide with annual events in the U.S., Europe, and Japan. Throughout its 20+ year history, RSA Conference consistently attracts the world’s best and brightest in the field, creating opportunities for Conference attendees to learn about information security’s most important issues through first-hand interactions with peers, luminaries, and emerging and established companies. As the information security field continues to grow in importance and influence, RSA Conference plays an integral role in keeping security professionals across the globe connected and educated.

For more information and conference dates click here.

To register for this event click here.

5th Annual Enterprise Risk Management Conference

Dates: March 19-21, 2012
Location: Chicago, IL
Cost: $2,695 – End-user, $2,995 – Vendor/Consultant
Discount to ISSA Members: 10%
Discount Code: “ISSA”

Join ERM leaders from Xcel Energy, Pinnacle Entertainment, HSBC, Eli Lilly & Company, Comcast Corporation, OfficeMax, Harley Davidson, Constellation Energy Group and many more!

Attending This Event Will Enable You to:

Become aware that risk management has become more complex and critical in the current economic environment.
Learn about various concerns in business operations including globalization, technology, economic environment, regulators, competitors and speed of change
Maintain costs, while maintaining a proper focus on enterprise wide risk
Better educate your board on the nuances of enterprise risk management
Lead the effort around formalizing the companies risk management program

To register for this event click here

ISSA E-News: December 15, 2011

In this Issue

Welcome Montgomery, Alabama, USA!
Featured Member Discounts
January 24: Year in Review - ISSA Web Conference
Industry Webinars Available On-Demand
Journal Call for Articles
2011 Conference Recordings Now Available
ISSA Events
Industry Events

Welcome Montgomery, Alabama, USA!

On behalf of the ISSA International Board, we are excited to officially welcome Montgomery as our newest redeveloped chapter. Through the efforts of Charles Wade, the chapter President, and the chapter founders, Montgomery rejoins a worldwide network of ISSA Chapters, 154 strong, representing 70 countries. Congratulations!

Featured Member Discounts:

Tradepub.com offers ISSA members free subscriptions to leading security publications as well as access to hundreds of security white papers and guides. See the Buyer’s Guide and Discount Directory for more details.

Year in Review: How Last Year’s Trends Help Us Plan for the Future

Live Event: January 24, 2012
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Click here to register

Web Conference Overview:

2011 was the year of security relevant issues and events. This is inclusive of changes in security legislation proposals, protective technology, and even cyber-attacks. This session will explore the challenges that security professionals confronted this past year. Based on these challenges, we will explore the lessons learned as we move into 2012.

Industry Webinars Available On-Demand

Simplifying the Identity Compliance Challenge

Sponsored By:

Traditional IAM focuses on managing users and controlling their access to protected resources and information. However, this approach is not sufficient for many compliance requirements because it doesn’t control what users can do with the information once they get it. Without control of the use of information, security risk is increased and compliance becomes more challenging. This webcast will focus on Content-Aware IAM, an innovative approach that leverages knowledge of information content to not only protect that information from theft or loss, but also improves the policy enforcement across the other IAM components.

Click here to register for this Industry Webinar

Turning Data Loss Problems into Data Loss Prevention: Best Practices for Successful Programs

Sponsored By:

Webcast Description:

In a recent report, IDC stated “Organizations start their DLP programs by attempting to stop the proliferation of data that leads to unauthorized access and breaches. This approach is the proverbial equivalent of chasing the horse that has left the barn.”⁽¹⁾ IDC went on to say that effective DLP programs need to begin with protecting the data at the main data repository — the database.

In this webcast, IDC security analyst, Charles Kolodgy, will discuss the growing threats to business information, the impact government regulations have on requiring additional data protections, security best practices that bring together data leak prevention and database security, and how increasing database security is one of the most efficient and cost-effective measures an organization can take to prevent data leaks.

You will also hear from Oracle Database Security Products Director, Roxana Bradescu, about the controls that are at the core of information leak prevention, the solutions that stop malicious and noncompliant actions before they occur by protecting and controlling information at the source — the database management systems.

¹“Effective Data Leak Prevention Prog! rams: Start by Protecting Data at the Source – Your Databases,” Authored by Charles J. Kolodgy in August, 2011

Click here to register for this on-demand industry webinar.

ISSA Journal Call for Articles: Looking to the Future

Deadline for submission: January 6

As we look to the future, how can we prepare for the inevitable evolution in regulations, in data protection, in privacy, in the threat landscapes, in...? We’ve seen tremendous technological changes; certainly equal if not greater change is on the horizon. Will it be possible to protect all data? Or will we only be able to assure a subset of the absolutely critical information? With the unprecedented expansion of social media and data mining technologies, will individual, personal privacy become a concept of the past, merely an illusion? How do we protect a network infrastructure with a disappearing perimeter and wireless access anywhere, anytime? How do we develop, manage, and maintain secure code, architectures, and enterprises that can successfully address new forms of connectivity and the information contained therein?

The criminals continue to probe and penetrate; security professionals react and remediate. How can security take to the offensive and beat the criminals at their own game? How do we best train the next generation of security professionals? How do we best educate the next generation of information users and consumers? What do you see down the road?

The ISSA Editorial Advisory Board invites you to share your “real-life” experiences, techniques, processes, and perspectives to help the information security community engage the future and succeed.

Please submit articles by January 6 to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. Click here for more issue theme descriptions.

2011 Conference Recordings and Slide Decks Now Available

If you missed the ISSA International Conference, or found that there were too many sessions from which to choose – don’t worry. Select audio recordings and slide decks are now available. Over 30 audio recordings are free to members and offer and great opportunity to hear noted experts, thought leaders, and innovative professions as they present information making us more effective today while laying a foundation for future.

ISSA Events

Have a chapter event to post? Let us know!

ISSA CISO Executive Forum

San Francisco, CA	February 25 - 26, 2012
Denver, CO	May 16 - 17, 2012
Boston, MA	August 2012
Anaheim, CA	October 26-27, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

Phoenix Chapter Invites You to Its Q1/12 Quarterly Training Forum

Date: Tuesday, January 10, 2012
Time:11:30 AM - 5 PM 11:30-12:00 PM sign-in, pickup lunch, and network
Location: ITT Technical Institute 5005 W. Wendler Dr., Tempe, AZ 85282 (NW Corner, I-10 & Baseline, Across from Fry's Electronics)
Cost: Event Cost: ISSA Members attend free when pre-registering. Walk-ins, Guests, and Non-Members $25. Bring your peers and managers—guests are welcome anytime.

Please join us! Our speakers represent security leaders in different industries who will share their insights and expertise. Stay on top of an ever-changing field with leading edge content. Get a free lunch and snacks. Earn 4 hours CPE credits for certification maintenance (we provide the certificate). Meet and network with other security professionals. Win great door prizes!

For event details and registration go to: http://phoenix.issa.org

This event will be full—don’t wait to register!

Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

The Raleigh ISSA Chapter is holding an (ISC)² CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

Date: Saturdays, March 10,17,24, 2012
Time: 8 AM - 3PM
Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

Cost for all three sessions (includes breakfast, lunch and refreshments):

$50 ISSA
$75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
$100 for all others
No Refunds

Required student resources:

Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)² Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
Forum: See the http://cccure.org/ Web site for answers to your questions and more.

To register and for more information click here

Industry Events

FloCon 2012 Conference

Dates: January 9-12, 2012
Location: Austin, TX
Cost: $650
Discount to ISSA members: 10%
Discount Code: FLOISSA11

FloCon brings together analysts and researchers who understand the value that flow analysis brings to network situational awareness and scalable solutions. FloCon 2012 will focus on the progression of analytics from ideas, to prototypes, to tools. Each phase has its own set of successes, but it also raises its own set of challenges. Which case studies spark the seed of a new idea? How can flow data help refine a static signature? What are the costs/benefits of implementing a technique at the large-scale network level versus the host level? Join us on January 9-12, 2012 to learn more!

For more information and to register click here

RSA Conference USA

Date(s): Feb 27- Mar 2, 2012
Location: San Francisco, CA
Cost: $1595 - $2295
Discount to ISSA Members: $150 off
Discount Code: 1212ISSADL15

RSA® Conference helps drive the information security agenda worldwide with annual events in the U.S., Europe, and Japan. Throughout its 20+ year history, RSA Conference consistently attracts the world’s best and brightest in the field, creating opportunities for Conference attendees to learn about information security’s most important issues through first-hand interactions with peers, luminaries, and emerging and established companies. As the information security field continues to grow in importance and influence, RSA Conference plays an integral role in keeping security professionals across the globe connected and educated.

For more information and conference dates click here.

To register for this event click here.

ISSA E-News: November 17, 2011

In this Issue

Listen to General Alexander’s Keynote
RSA Discount
Autumn Senior Member Applications Due in 2 Weeks
Fellow Nominations Must Be Received by December 1
ISSA Web Conference: Changing Face of Security Ethics
Industry Webinars Available On-Demand
Journal Call for Articles
ISSA Events
Industry Events

Sponsors

Listen to General Alexander’s Keynote

If you missed last month’s International Conference or found there were too many sessions from which to choose – don’t worry. Recordings of General Keith B. Alexander’s keynote and those of Shawn Henry, M. Eric Johnson and the executive panel are now available. Presentations of our featured speakers and breakout sessions are coming soon. Watch for announcements in E-News and Connect for details.

Plan now for the 2012 International Conference at the Disneyland Hotel in Anaheim, CA, October 24-27.

RSA Conference 2012: Special Offer for ISSA Members - November 18 deadline for Early Bird Pricing

Attending RSA® Conference USA in San Francisco? Register before November 18, 2011 and as an ISSA member you can save $850 with discount code: 1212ISSADL15. The offer includes a $700 early registration discount for a Delegate Pass plus an additional savings of $150 for ISSA members.

RSA® Conference helps drive the information security agenda worldwide with annual events in the U.S., Europe and Japan. Throughout its 21 year history, RSA Conference consistently attracts the world’s best and brightest in the field, creating opportunities for conference attendees to learn about information security’s most important issues through first-hand interactions with peers, luminaries and emerging and established companies. For more information and conference dates, visit www.rsaconference.com. Remember to use the special ISSA discount code 1212ISSADL15* for $150 off current registration pricing.

Register Now

All discount codes must be entered at time of registration and will not be applied retroactively. Your registration must be paid in full by November 18 in order to receive this pricing.

Additional Discounts:

Make sure to visit the Industry Events and Special Offers page for more discounts available to ISSA Members.

Autumn Senior Membership Applications Close in 2 Weeks

Have you been an ISSA member for 5 years and have 10 years of work experience in the information security field? You can apply for Senior Member status. Your application package must include the following items:

Application form endorsed by your Chapter Board of Directors (at-large members may submit directly)
Certification of membership form (final page of application)
Resume

Applications will be accepted until December 1. All documents must be received by midnight US Pacific time. Documents may be faxed to +1 206 299 3366 or emailed to fellow@issa.org.

Senior Members are listed on the website and will receive a special certificate.

Please be sure all questions on the application are answered. Consult the complete submission guidelines. Questions should be addressed to fellow@issa.org or 1 866 349 5818 (toll free within US), +1 206 388 4584 (international), extension 102.

Fellow Nominations Must be Received by December 1

The Fellow Program recognizes sustained membership, volunteer leadership, and contributions to the profession. No more than 1% of members may hold Distinguished Fellow status at any given time. Fellow status will be limited to a maximum of 2% of the membership.

Nominations may be made by your Chapter President, a current Fellow of comparable or higher rank or a member of the International Board of Directors. Nominations are now open and will be accepted until December 1 at midnight US Pacific time. For eligibility and nomination requirements, consult the complete submission guidelines. Nominators are responsible for ensuring that the nomination package is submitted in a timely manner. Documents may be faxed to +1 206 299 3366 or emailed to fellow@issa.org.

The nomination package includes:

Distinguished Fellow or Fellow nomination completed by the nominator
Application completed by the nominee
Certification of Membership form (final page of application)
Resume
2 letters of recommendation from current Fellow Program members of equal or higher rank other than nominator
Photo (optional)

ISSA Web Conference: Changing Face of Security Ethics

Live Event: November 29, 2011
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Web Conference Overview:

2011 witnessed an explosion of information and misinformation leakages as protests occurred in the Middle East. The world observed a steady stream of information following the horrific series of natural disasters in Japan. Wikileaks challenged our notion of transparency, ethics, and security. In response to Egyptian protests, U.S. legislation proposed by Senators Lieberman, Collins, and Carper raised questions pertaining to government’s role in shutting down the internet in the event of a cyber attack. How do international events impact the information security professional on a daily basis? What impact will these events have on how we run our business, ethics, and compliance for next year and years to come? In light of the major events that occurred in 2011, what precautions can we take as we move forward? This web conference will address these questions while assessing the impact of global events on the information security field, systems, industry ethics, and individual.

click here for more information.

Industry Webinars Available On-Demand

Identifying Real Risk in Virtualized Environments: A New Paradigm in Vulnerability Management

Sponsored By:

Click here to view this on-demand industry webinar

Webcast Description:

The widespread adoption of virtualization techniques provides proven benefits for organizations including lower cost of ownership, accelerated hardware ROI, and a simplified physical infrastructure. However, for security teams, virtualization has opened up a bit of a pandora's box.

In its recent report, IBM detailed that from 2005-2009, the number of annually disclosed virtualization vulnerabilities increased by more than 300% , with new classes of vulnerabilities affecting management consoles, management servers, administrative VMs, guest VMs, and hypervisors. As the interest in virtualization has increased, so has the severity of these vulnerabilities, with 40% classified as "high severity".

Watch this webcast to learn about innovative new approaches to proactively manage risk across these dynamic environments.

Posted: November 16, 2011

The Next Generation of Attacks Getting Through: Zero-Day and Targeted APTs — Can You Stop Them?

Sponsored By:

Webcast Description:

Register now for an informative on-demand webcast featuring Gartner Analyst, John Pescatore and FireEye CEO, Ashar Aziz. Hear from Gartner and FireEye on how today’s next-generation cyber attacks are bypassing traditional defenses, impacting business (this is inclusive to hard and soft costs), and what companies can do to protect their critical assets. Gain more insight into recent cyber attacks, why traditional defenses failed, and how some companies are already protecting themselves from targeted APTs.

Click here to register for this on-demand industry webinar recorded live November 15, 2011

Journal Call for Articles: January 2012 - Legal and Privacy Issues

Like technology and security challenges, the legal environment impacting data security professionals is in constant flux. New laws are passing and being proposed at every level of government on a worldwide basis. Organizations of all sizes may be subject to legal requirements in multiple jurisdictions across the country and the globe. Now more than ever the decisions that security professionals make impact the legal risk faced by the organization. In this issue we explore the legal environment of information security and privacy and the role of security professionals in understanding, collaborating on, and addressing legal risks and compliance matters.

Please submit articles by December 1 to editor@issa.org. ISSA Editorial guidelines are available in the Journal section of ISSA.org. Click here for more issue theme descriptions.

ISSA Events

ISSA CISO Executive Forum

San Francisco, CA	February 25 - 26, 2012
Denver, CO	May 16 - 17, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

Northern Virgina Chapter Meeting

Noblis, 3150 Fairview Park Drive South, Falls Church, VA 22042
Date: November 17, 2011
Time: 6:30 PM (Doors open at 5:30 PM)

Elizabeth Hyman of CompTia will lead a panel discussion of congressional staffers assigned to create the cyber security bill.

For more information and to RSVP click here.

ISSA-UK Chapter Hosts: Microsoft Security Training Day

Date: Tuesday, December 13, 2011
Time: 9:30 AM – 7:00 PM
Location: London
Cost: ISSA Members – free
Trial Members – free (please sign up by clicking here)
Non Members - £50

The aim of Security Training Days are to educate delegates as to new developments in technologies and solutions that will help them in their day-to-day security roles. This event is worth 5.5 CPDs/CPEs to contribute toward ongoing security training certifications. This event will focus on a wide range of Microsoft solutions - desktops, servers, gateways, identity based access, rights management, certificate management, identity federation and of course the cloud.

For more information click here

Publicize potential Chapter Sponsorship Opportunities:
For sponsorship details, please contact mailton:sponsorhisp@issa-uk.org

Phoenix Chapter Hosts: Protecting your Business & Customers From Electronic Crimes Conference

Date: December 15, 2011
Time: 8:30 AM - 5:00 PM
Location: Arizona State University SkySong Campus, 1475 North Scottsdale Road, Scottsdale, AZ 85257.
Cost:$125
Discount to ISSA members: Members pricing $100
Government Employees: $50

This conference will bring together government officials, security leaders, technology experts, senior executives, and policy makers who are developing strategies to address the ever-growing threat to our nation’s financial payment systems and customer data security. The purpose of the conference is to provide consumers, retailers, dealers, lawyers, accountants, financial services, and other professions with an opportunity to advance their knowledge and to participate in the formulation of strategic collaborative alliances between the private and public sectors to confront Electronic Crimes.

To register for this event click here.

Interested sponsors please contact Sheila Martin - 602-300-2682 or email events@azbizopps.org for further information.

Raleigh North Carolina Chapter Hosts - 2012 CISSP Exam Review

The Raleigh ISSA Chapter is holding an (ISC)² CISSP Exam Review over three study sessions. Each session is led by CISSP certified Raleigh ISSA Chapter members.

Date: Saturdays, March 10,17,24, 2012
Time: 8 AM - 3PM
Location: Conference room of Matrix Inc., 7001 Weston Parkway, Suite 105, Cary, North Carolina

Cost for all three sessions (includes breakfast, lunch and refreshments):

$50 ISSA
$75 Sister Associations: ISSA non-chapter, ISACA, InfraGard, etc. Members
$100 for all others
No Refunds

Required student resources:

Study Book: Shon Harris' CISSP All-in-One Exam Guide, 5th Edition (or newest available edition). The (ISC)² Official CISSP Examination Guide is optional. Students must purchase book(s) before first review session.
Free Quiz: See the http://www.freepracticetests.org/quiz/home.php web site.
Forum: See the http://cccure.org/ Web site for answers to your questions and more.

To register and for more information click here

Industry Events

SecureWorld Expo

Click here to register for this ISSA Web Conference

November 16-17, 2011
Meydenbauer Convention Center
Bellevue, WA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS11.

SecureWorld+ Extended Training 2011 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS11.

For event details and registration go to: http://www.secureworldexpo.com/

CISO Summit 2011

Date: December 6-7, 2011
Location: Scottsdale, AZ
Cost: Sponsorship packages available between $25,000 - $60,000. Delegate registration $2,995.
Discount Code: ISSA
Vendors receive a 25% discount

Four (4) VIP Passes for qualifying attendees from your CISC/Senior IT leader community to attend the 2011 CISO Summit. The CISO Summit is a chance for CISOs and IT security executives to meet with their peers from multiple industries including, but not limited to, healthcare, finance, insurance, government, telecom, utilities, and education. This three day summit features engaging keynote speeches, open forums, think tanks, case studies, and panel discussions on the latest information security topics and trends. Open discussions and networking time give attending CISOs and information security executives the opportunity to discuss common problems and discover new and innovative solutions. Attendees will leave the event with new business contacts and new ideas on how to move their business forward.

To register and for more information click here.

SANS London

Dates: December 3-12, 2011
Location: London, UK
Cost: Various
Discount to ISSA members: 10%
Discount Code:ISSATNLON11

SANS London 2011 offers 16 hands-on technical security courses addressing intrusion detection, penetration testing and ethical hacking, forensics, compliance and much more. Boost your training with intense practice labs and bonus evening sessions, all part of the SANS London 2011 Experience.

To register click here.

For more information click here.

RSA Conference USA

Date(s): Feb 27- Mar 2, 2012
Location: San Francisco, CA
Cost: $1595 - $2295
Discount to ISSA Members: $150 off
Discount Code: 1212ISSADL15

RSA® Conference helps drive the information security agenda worldwide with annual events in the U.S., Europe, and Japan. Throughout its 20+ year history, RSA Conference consistently attracts the world’s best and brightest in the field, creating opportunities for Conference attendees to learn about information security’s most important issues through first-hand interactions with peers, luminaries, and emerging and established companies. As the information security field continues to grow in importance and influence, RSA Conference plays an integral role in keeping security professionals across the globe connected and educated.

For more information and conference dates click here.

To register for this event click here.

ISSA E-News: November 3, 2011

In this Issue

Scholarship in Memory of E. Eugene Schultz, Jr.
5 Years of Membership and 10 Years of Experience?
Do You Qualify for Fellow or Distinguished Fellow?
2012 International Conference Scheduled for Anaheim
ISSA Web Conference: Changing Face of Security Ethics
Industry Webinars
Career Section
ISSA Events
Industry Events

Sponsors

Scholarship in Memory of E. Eugene Schultz, Jr.

The E. Eugene Schultz, Jr. Scholarship has been established by the ISSA Education Foundation to assist outstanding students working toward degrees in information security.

“Gene was a long time member of the ISSA and beloved by all who met and worked with him. Given that Gene’s impact in the world of information security was profound, it only makes sense that the ISSA Education Foundation establishes a scholarship in his honor” states Steve Haydostian, President of the ISSA Education Foundation.

Gene’s friends, colleagues and those he influenced throughout his career are invited to donate to the scholarship fund. Tax deductible donations to the Foundation can be made at ISSAEF’s website at www.issaef.org. You may also make a donation directly to the Foundation Treasurer at: treasurer@issa-foundation.org

For more details and application forms, please see the Student Scholarship section of the ISSAEF’s website at: www.issaef.org.

5 Years Membership and 10 Years Experience?

Have you been an ISSA member for 5 years and have 10 years of work experience in the information security field? You can apply for Senior Member status. Your application package must include the following items:

Application form endorsed by your Chapter Board of Directors (at-large members may submit directly)
Certification of membership form (final page of application)
Resume

Applications will be accepted until December 1. All documents must be received by midnight US Pacific time. Documents may be faxed to +1 206 299 3366 or emailed to fellow@issa.org.

Senior Members are listed on the website and will receive a special certificate.

Please be sure all questions on the application are answered. Consult the complete submission guidelines. Questions should be addressed to fellow@issa.org or 1 866 349 5818 (toll free within US), +1 206 388 4584 (international), extension 102.

Do You Qualify for Fellow or Distinguished Fellow?

The Fellow Program recognizes sustained membership, volunteer leadership, and contributions to the profession. No more than 1% of members may hold Distinguished Fellow status at any given time. Fellow status will be limited to a maximum of 2% of the membership.

Nominations may be made by your Chapter President, a current Fellow of comparable or higher rank or a member of the International Board of Directors. Nominations are now open and will be accepted until December 1 at midnight US Pacific time. For eligibility and nomination requirements, consult the complete submission guidelines. Nominators are responsible for ensuring that the nomination package is submitted in a timely manner. Documents may be faxed to +1 206 299 3366 or emailed to fellow@issa.org.

The nomination package includes:

Distinguished Fellow or Fellow nomination completed by the nominator

Application completed by the nominee

Certification of Membership form (final page of application)

Resume

2 letters of recommendation from current Fellow Program members of equal or higher rank other than nominator

Photo (optional)

2012 International Conference Scheduled for Anaheim

“I wish to thank all of the volunteers, presenters, sponsors, and attendees of this year’s conference in Baltimore” commented Stefano Zanero, International Board Director and Conference Chair. “Noted experts, executive leaders, and innovative professionals led sessions to make us more effective today while laying a foundation for the future. Members collaborated with peers on solutions to common concerns.”

For those who missed the event, and for those who attended and wish they could listen to a missed session, slide decks and selected audio recordings of the sessions will be made available in the coming days. They are free for all of our members, a shared repository of valuable knowledge. Watch for announcements in E-News and Connect.

It’s not too early to begin planning for the 2012 International Conference, which will be held in beautiful Anaheim, CA on October 24-27, at the Disneyland Hotel. And if you wish to contribute to the year-long effort of preparing the conference, we would welcome your participation in the planning committees.To volunteer contact Kate Kanapeaux

ISSA Web Conference: The Changing Face of Security Ethics

Live Event: November 29, 2011
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Web Conference Overview:

2011 witnessed an explosion of information and misinformation leakages as protests occurred in the Middle East. The world observed a steady stream of information following the horrific series of natural disasters in Japan. Wikileaks challenged our notion of transparency, ethics, and security. In response to Egyptian protests, U.S. legislation proposed by Senators Lieberman, Collins, and Carper raised questions pertaining to government’s role in shutting down the internet in the event of a cyber attack. How do international events impact the information security professional on a daily basis? What impact will these events have on how we run our business, ethics, and compliance for next year and years to come? In light of the major events that occurred in 2011, what precautions can we take as we move forward? This web conference will address these questions while assessing the impact of global events on the information security field, systems, industry ethics, and individual.

Stopping Fake Anti-Virus: Keeping Scareware off Your Network

Sponsored By:

Click here to register and begin viewing this on-demand webinar

Webcast Description:

Fake AV, or Fake Anti-Virus, is one of the most frequently-encountered and persistent threats on the web today. This malware uses social engineering to lure users to malicious sites and scares them into paying for fake threat removal tools. How can you stop this threat from infecting your network and users? Learn why fake anti-virus is so popular with cybercriminals and how you can keep fake AV out of your network.

Richard Wang is the Manager of SophosLabs in the US. He has been working for Sophos since 1997. Richard’s time is split between running the US lab, keeping the world outside informed about the latest threats posed by cybercriminals, and working with Sophos’s technology partners to ensure that all users of Sophos products receive the best possible protection.

Posted: October 19, 2011

ISSA Career Center:

The ISSA Career Center offers a listing of current job openings in the information security, assurance, privacy, and risk fields from a variety of job boards. Visit the career center to post an opening or look for new opportunities.

Just a Few of the Current listings:

Information Security Analyst
Teacher Retirement System of Texas

Manager Security Governance and Communications
Freeport-McMoRan Copper & Gold

Associate Director of Information Protection
The Ohio State University

Information Security Analyst
Company Name: jk recruiters, inc

Information Technology Security Officer
County of Yuba

Information Assurance Engineer
General Dynamics Advanced Information Systems

Members can also use Connect’s Career Section for member’s job postings and career advice.

ISSA Events

Have a chapter event to post? Let us know!

ISSA CISO Executive Forum

San Francisco, CA	February 25 - 26, 2012
Denver, CO	May 16 - 17, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

Metro-Atlanta Chapter Hosts: Security by Design

Dates: November 8-9, 2011
Time: 8:00 AM – 8:00 PM (including extra after hours activities)
Location: Loudermilk Center 40 Courtland St. NE Atlanta, GA 30303
Cost: $200
Discount to ISSA Members: $135 using code ISSA2011

Four diverse yet complementary security groups (Metro-Atlanta ISSA chapter, ASDFED, NCMS, and OWASP) are providing events, speakers and attendee groups, so this will be two days packed full of education and insight. As the theme suggests, an important goal of the conference is to foster a mindset of making information security a fundamental building block of organizations and programs from the outset.

Security should be a cornerstone, not an afterthought.

Conference offerings include: informational sessions, industry expert panels, workshops and peer discussion forums. Events provide value for security professionals across the spectrum. Tracks cover administration, technology, and laws and compliance.

To register and for more information click here for registration and more information

ISSA-UK Chapter Hosts: Microsoft Security Training Day

Date: Tuesday, December 13, 2011
Time: 09:30 AM – 7:00 PM
Location: London
Cost: ISSA Members – free
Trial Members – free (please sign up by clicking here)
Non Members - £50

The aim of Security Training Days are to educate delegates as to new developments in technologies and solutions that will help them in their day-to-day security roles. This event is worth 5.5 CPDs/CPEs to contribute toward ongoing security training certifications. This event will focus on a wide range of Microsoft solutions - desktops, servers, gateways, identity based access, rights management, certificate management, identity federation and of course the cloud.

For more information click here

Publicize potential Chapter Sponsorship Opportunities:
For sponsorship details, please contact sponsorship@issa-uk.org

Phoenix Chapter Hosts: Protecting your Business & Customers From Electronic Crimes Conference

Date: December 15, 2011
Time: 8:30 AM - 5:00 PM
Location: Arizona State University SkySong Campus, 1475 North Scottsdale Road, Scottsdale, AZ 85257.
Cost:$125
Discount to ISSA members: Members pricing $100
Government Employees: $50

This conference will bring together government officials, security leaders, technology experts, senior executives, and policy makers who are developing strategies to address the ever-growing threat to our nation’s financial payment systems and customer data security. The purpose of the conference is to provide consumers, retailers, dealers, lawyers, accountants, financial services, and other professions with an opportunity to advance their knowledge and to participate in the formulation of strategic collaborative alliances between the private and public sectors to confront Electronic Crimes.

To register for this event click here.

Interested sponsors please contact Sheila Martin - 602-300-2682 or email events@azbizopps.org for further information.

Industry Events

Anatomy of a Malware Attack – Arlington

Date: November 9, 2011
Location: Key Bridge Marriott, 1401 Lee Highway, Arlington, VA 22209-1201
Cost: Free

Learn how today's cyber criminals target your computer, identity, and money while receiving practical advice on how to combat anything that comes your way. Sophos security experts will explore how malware threats actually work and what you can do to protect your company.

To register and for more information click here.

SecureWorld Expo

CASE STUDY: IAM in the Cloud

November 16-17, 2011

Meydenbauer Convention Center

Bellevue, WA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS11.

SecureWorld+ Extended Training 2011 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS11.

For event details and registration go to: http://www.secureworldexpo.com/

Global Enterprise Mobility Forum

Dates: November 15 – 16, 2011
Location: London
Cost: 999 Euro + VAT
Discount to ISSA Members: 15%
Discount Code: GEMF

Today, companies must have the ability to easily access business-critical information from anywhere and to move business information quickly and securely between the back office and the front lines. Implementing a suitable mobile platform and a technology solution, further equipping its road warriors with adequate tools and devices, becomes vital. Here are 6 Reasons Why You Can’t Miss Enterprise Mobility Congress 2011:

Learn what CIOs and CTOs need to think about before implementing an enterprise mobility project.
Find Essentials of your existing mobility strategy to meet your corporate expectation
Discover Successful case studies and best practices around mobile strategies and their deployment
Empower your mobile workforce
Growing security concerns around enterprise mobility; ensure that proprietary and confidential business information is secure - key component of any CIO's and CTO’s efforts
Find out undeniable role and importance of the field service excellence

For more information or to register click here

CISO Summit 2011

Date: December 6-7, 2011
Location: Scottsdale, AZ
Cost: Sponsorship packages available between $25,000 - $60,000. Delegate registration $2,995.
Discount Code: ISSA
Vendors and members receive a 25% discount

Four (4) VIP Passes for qualifying attendees from your CISC/Senior IT leader community to attend the 2011 CISO Summit. The CISO Summit is a chance for CISOs and IT security executives to meet with their peers from multiple industries including, but not limited to, healthcare, finance, insurance, government, telecom, utilities, and education. This three day summit features engaging keynote speeches, open forums, think tanks, case studies, and panel discussions on the latest information security topics and trends. Open discussions and networking time give attending CISOs and information security executives the opportunity to discuss common problems and discover new and innovative solutions. Attendees will leave the event with new business contacts and new ideas on how to move their business forward.

To register and for more information click here.

ISSA E-News: October 20, 2011

In this Issue

Apply for Senior Member
Do You Qualify for Fellow or Distinguished Fellow?
ISSA Web Conference: Rise of the Cyber Criminal
A Must for the ISSA Executive – CISO Forum
Industry Webinars
ISSA Events
Industry Events

Sponsors

Apply for Senior Member

If you have been an ISSA member for 5 years and have 10 years of work experience in the information security field, apply for Senior Member status. As a Senior Member, you will be listed on the ISSA website and receive a special certificate.

To apply, simply provide:

Senior Member application form and have it signed by your Chapter Board of Directors (endorsement waived for at-large members)
Certification of membership form (last page of application)
Resume

Be sure all four questions are answered and your actual signature is on the application. Typed signatures will not be accepted.

Applications may be faxed to +1 206 299 3366 or emailed to fellow@issa.org and must be received by Thursday, December 1 at midnight US Pacific Time. Should you have questions or need assistance, contact fellow@issa.org or call Lyn Trainer at 866 349 5818 (US toll free), +1 206 388 4584 (international), extension 102.

Do You Qualify for Fellow or Distinguished Fellow?

Have you led an information security team or project for five or more years? Do you have at least eight years of ISSA membership and served for three years in a leadership role (as a chapter officer or Board member or in an International role)? You may be eligible to become an ISSA Fellow.

You must be nominated for Fellow or Distinguished Fellow by a current Fellow Program member of equal or greater rank or a member of theInternational Board of Directors. Any of these ISSA leaders would be happy to talk with you. For eligibility requirements and additional information, see the submission guidelines.

The package for Fellow and Distinguished Fellow includes:

Nomination form completed by the nominator
Application completed by the nominee
Certification of Membership form (final page of application)
Resume
2 letters of recommendation from current Fellow Program members other than your nominator
Photo (optional)

Packages may be faxed to +1 206 299 3366 or emailed to fellow@issa.org and must be received by Thursday, December 1 at midnight US Pacific Time. Should you have questions or need assistance, contact fellow@issa.org or call Lyn Trainer at 866 349 5818 (US toll free), +1 206 388 4584 (international), extension 102.

October ISSA Web Conference - Rise of the Cyber Criminal

Live Event:October 25, 2011
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Generously supported by:

Web Conference Overview:

Modern civilization has always been plagued by various classes of criminals. The advent of interconnected devices, allowing for portability of corporate secrets, has given rise to a completely different class of nefarious actors. Cyber criminals range from those bent on stealing your personal information to “cyber terrorists” who have the capability to inflict harm on a much wider scale. Uninhibited by current laws, they are very effective given the speeds of networks, lack of appropriate security controls, and the anonymous nature of the attacker. Making matters worse, the crime may be perpetrated by entities outside of the legal jurisdiction where the unlawful act took place. This web conference will explore the following: understanding how these crimes occur, what can be done to prevent them, and how to safeguard your data.

Click here to register for this ISSA Web Conference

A Must for the ISSA Executive – CISO Forum

CISO Executive members are at the forefront of protecting information security infrastructure across industry sectors. ISSA understands your unique need as an executive to access senior level information that will advance your professional development.

For this reason, the CISO Executive Forum allows first time qualified guests to attend the Forum free of charge. This Forum provides an opportunity for executives to network and discuss relevant content in a peer-exclusive environment.

To learn more about this membership and guest program click here.

Click here for the 2011-2012 CISO Forum calendar.

Industry Webinars

Stopping Fake Anti-Virus: Keeping Scareware off Your Network

Sponsored By:

Click here to register and begin viewing this on-demand webinar

Webcast Description:

Fake AV, or Fake Anti-Virus, is one of the most frequently-encountered and persistent threats on the web today. This malware uses social engineering to lure users to malicious sites and scares them into paying for fake threat removal tools. How can you stop this threat from infecting your network and users? Learn why fake anti-virus is so popular with cybercriminals and how you can keep fake AV out of your network.

Richard Wang is the Manager of SophosLabs in the US. He has been working for Sophos since 1997. Richard’s time is split between running the US lab, keeping the world outside informed about the latest threats posed by cybercriminals, and working with Sophos’s technology partners to ensure that all users of Sophos products receive the best possible protection.

ISSA Events

Have a chapter event to post? Let us know!

ISSA CISO Executive Forum

Baltimore, MD	October 21 - 22, 2011
San Francisco, CA	February 25 - 26, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

Raleigh North Carolina Chapter Hosts: 2011 Triangle InfoSeCon

Date: October 20, 2011
Location: The McKimmon Center, NC State University, Raleigh NC
Cost: $35 for ISSA Members, $45 for Sister Professional, government and educational. See Raleigh.issa.org for additional information on registration fees.

The Raleigh Chapter is pleased to announce the 2011 InfoSeCon. This year's conference features eight different security tracks:

Applications & Development Security
Cloud & Virtualization Security
Data & Endpoint Security
Governance, Risk and Compliance
Pen Testing / System & Network Auditing
Physical Security
Professional Development
Strategy & Architecture;

Other Events Include:

Lightning Talks
Capture the Flag, Lockpick Village, and Gringo Challenge

Keynote speakers include: Tom Limoncelli, Time Management Guru; Lenny Zeltser, Security Practice Diretor, Savvis; and Marc Hoit, Vice Chancellor for IT and CIO NC State University.

And fantastic door prizes.

Click here for registration and more information.

ISSA International Conference

Special Events Held in Conjunction with the ISSA International Conference:

Chapter officers plan on arriving in Baltimore early to attend the Chapter Leaders Summit on October 19*.
CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 22*, immediately following the International Conference.

*Open to qualified attendees only.

The 26^th Annual Orange County Information Security Symposium

Date: October 26, 2011
Time: 8:00 AM - 6:00 PM
Location: Hyatt Regency, Long Beach, CA
Cost: Attendance fee $95 until Oct 1 - $115 thereafter
Discount to ISSA Members: $20

The Orange County Information Security Symposium is the premiere SoCal information security program dedicated to the advancement of the information security profession. Speakers are selected for their information security reputation and knowledge of leading issues in the field. This is a full day event that draws information security professionals throughout the Southern California area from both the private and public sector.

UK Regional Meeting – Glasgow

Date: November 1, 2011
Time: 3:00 PM - 7:00 PM
Location: Pricewaterhouse Coopers LLP 141 Bothwell Street Glasgow G2 7EQ Scotland United Kingdom

Free event and is open to ISSA members only.

South Florida Hosts: Taking Security Seriously?!

Date: November 2, 2011
Time: 8:00 AM – 6:00 PM
Location: Signature Grand, 6900 State Road 84, Ft. Lauderdale, FL
Cost: $150 (non-members)
Discount to ISSA Members: $50 Discount Code: ReallyISSA

Come down to South Florida for the one day conference packed with great presentations and networking opportunities. We will be running three tracks tailored to business and technical (both defensive and offensive) content to inspire great discussions to determine if we are really taking security seriously!

To register click here

Founding Chattanooga Chapter of ISSA

Date: November 3, 2011
Time: 5:00 PM
Location: Blue Cross Blue Shield of Tennessee, 1 Cameron Hill Circle, Chattanooga, TN 37402
Cost: Free

This meeting will be to organize the founding of a Chattanooga Chapter of the ISSA. The meeting will judge the expression of interest and commitment to founding a chapter as well as make decisions on at least three events for 2012. A preliminary executive committee or board will be chosen and by-laws will be adopted. Sponsorship will be discussed, and vendor sponsors are welcome to attend.

For more information email Mark Williams

Metro-Atlanta Chapter Hosts- Security by Design

Dates: November 8-9, 2011
Time: 8:00 AM – 8:00 PM (including extra after hours activities)
Location: Loudermilk Center 40 Courtland St. NE Atlanta, GA 30303
Cost: $200
Discount to ISSA Members: $135 using code ISSA2011

Four diverse yet complementary security groups (Metro-Atlanta ISSA chapter, ASDFED, NCMS, and OWASP) are providing events, speakers and attendee groups, so this will be two days packed full of education and insight. As the theme suggests, an important goal of the conference is to foster a mindset of making information security a fundamental building block of organizations and programs from the outset.

Security should be a cornerstone, not an afterthought.

Conference offerings include: informational sessions, industry expert panels, workshops and peer discussion forums. Events provide value for security professionals across the spectrum. Tracks cover administration, technology, and laws and compliance.

To register and for more information click here for registration and more information

Phoenix Chapter Hosts: Protecting your Business & Customers From Electronic Crimes Conference

Date: December 15, 2011
Time: 8:30 AM - 5:00 PM
Location: Arizona State University SkySong Campus, 1475 North Scottsdale Road, Scottsdale, AZ 85257.
Cost:$125
Discount to ISSA members: Members pricing $100
Government Employees: $50

This conference will bring together government officials, security leaders, technology experts, senior executives, and policy makers who are developing strategies to address the ever-growing threat to our nation’s financial payment systems and customer data security. The purpose of the conference is to provide consumers, retailers, dealers, lawyers, accountants, financial services, and other professions with an opportunity to advance their knowledge and to participate in the formulation of strategic collaborative alliances between the private and public sectors to confront Electronic Crimes.

To register for this event click here.

Interested sponsors please contact Sheila Martin - 602-300-2682 or email events@azbizopps.org for further information.

Industry Events

Hacker Halted USA 2011

Dates: October 21-27, 2011
Location: Intercontinental Hotel, Miami, FL, USA

Hacker Halted is the world’s premier technical infosec event and the largest reunion of ethical hackers. It includes a 4-day training Academy, followed by a 2-day conference and 1-day of free Training for all registrants. The two-day Conference on October 25-26 features a comprehensive program presented in four tracks—including cloud security and SCADA security—and product displays from leading vendor sponsors. ISSA members receive a $200 discount off the 2-day conference fees (does not include Academy but does include $500 of free Training on October 27) by registering with the code HHUSA-ISSA on the electronic registration page.

For more information click here

Discount to ISSA members: $200 off the prevailing rate at time of registration (2 day conference pass only) and/or free exhibits admission.

Business Engagement and the Information Security Professional

Dates: October 25-28, 2011
Location: Tuck School of Business, Dartmouth College Hanover, NH, USA
Cost: $5,350

This executive education course will enhance participants’ leadership, financial, and communication skills, so they may engage more effectively with other business leaders throughout the enterprise. Participants will also refine their understanding of risk management and decision-making and have the opportunity to share best practices with colleagues from other companies. The program is designed for CISOs, their direct reports and other directors/managers who interact with business colleagues across the organization and are seeking to complement their technical expertise. The course is offered by Tuck Executive Education in partnership with the Center for Digital Strategies.

To register and for more information click here. ISSA members can register until September 22.

SecureWorld Expo

November 2-3, 2011
Plano Convention Center
Plano, TX

Let Training Camp help you get the certifications you need. Contact us for more information TODAY!

November 16-17, 2011
Meydenbauer Convention Center
Bellevue, WA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS11.

SecureWorld+ Extended Training 2011 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS11.

For event details and registration go to: http://www.secureworldexpo.com/

Global Enterprise Mobility Forum

Dates: November 15 – 16, 2011
Location: London
Cost: 999 Euro + VAT
Discount to ISSA Members: 15%
Discount Code: GEMF

Today, companies must have the ability to easily access business-critical information from anywhere and to move business information quickly and securely between the back office and the front lines. Implementing a suitable mobile platform and a technology solution, further equipping its road warriors with adequate tools and devices, becomes vital. Here are 6 Reasons Why You Can’t Miss Enterprise Mobility Congress 2011:

Learn what CIOs and CTOs need to think about before implementing an enterprise mobility project.
Find Essentials of your existing mobility strategy to meet your corporate expectation
Discover Successful case studies and best practices around mobile strategies and their deployment
Empower your mobile workforce
Growing security concerns around enterprise mobility; ensure that proprietary and confidential business information is secure - key component of any CIO's and CTO’s efforts
Find out undeniable role and importance of the field service excellence

For more information or to register click here

CISO Summit 2011

Date: December 6-7, 2011
Location: Scottsdale, AZ
Cost: Sponsorship packages available between $25,000 - $60,000. Delegate registration $2,995.
Discount Code: ISSA
Vendors receive a 25% discount

Four (4) VIP Passes for qualifying attendees from your CISC/Senior IT leader community to attend the 2011 CISO Summit. The CISO Summit is a chance for CISOs and IT security executives to meet with their peers from multiple industries including, but not limited to, healthcare, finance, insurance, government, telecom, utilities, and education. This three day summit features engaging keynote speeches, open forums, think tanks, case studies, and panel discussions on the latest information security topics and trends. Open discussions and networking time give attending CISOs and information security executives the opportunity to discuss common problems and discover new and innovative solutions. Attendees will leave the event with new business contacts and new ideas on how to move their business forward.

To register and for more information click here.

Exam/Certification

ISACA's Certified Information Systems Auditor™ (CISA®) and Certified Information Security Manager® (CISM®) designations are offered during June and December each year.

The exams are offered in over 230 locations, world–wide.

For additional CISA and CISM exam information please visit http://www.isaca.org/issa

ISSA E-News: October 6, 2011

In this Issue

ISSA International Conference
Welcome the Newest Chapter – Montana – Gallatin Valley!
International Awards: 15 to Be Recognized in Baltimore
Apply for Senior Member Beginning October 20
ISSA Web Conference: Rise of the Cyber Criminal
Industry Webinars
The ISSA Journal: Call for Articles
Maryland Cyber Challenge
ISSA and Industry Events

Sponsors

ISSA International Conference - an Invitation from Kevin L. Richards, President, ISSA International

Dear Colleague:

What can make us more effective today, while designing the security programs and careers that we want for the new decade? Your fellow information security professionals have worked diligently to target the subject matter of the ISSA International Conference on this proactive vision. Please join us on October 20 and 21 in Baltimore.

The line-up of keynote and featured speakers is great; these luminaries will provide practical and thought provoking presentations. I am particularly interested in General Alexander’s vision for the future of information security. Please review the Conference Guide – I think you will be impressed with variety of topics addressed in more than 40 sessions including:

“The State of the Hack” - Kevin Mandia
“Responding to the Three Most Common Data Breaches - Everything You Need to Know” - Dr. Christopher T. Pierson, Esq. & James T. Shreve, Esq.
“Managing Securely Constructed Software Projects” - James R. Lindley
“Security Careers for the Coming Decade: What Got You Here Today Won’t Get You There Tomorrow” - Debra Christofferson, Kim Jones & Pamela Fusco

Please register to join us today at www.issaconference.org.

I look forward to seeing you in Baltimore,

Kevin L. Richards
President
ISSA International Board of Directors

Welcome the Newest Chapter – Montana – Gallatin Valley!

On behalf of the ISSA International Board, we are excited to officially welcome ISSA Montana – Gallatin Valley as the newest developed chapter. Through the efforts of Danny Rowell and his ISSA colleagues, the Montana Chapter joins a worldwide network of 154 chapters now representing members in 70 countries.

International Awards Reception

Fifteen industry leaders will be honored for their outstanding contributions to the advancement of the information security profession and ISSA. The International Awards will be presented on October 20 at a reception at the ISSA International Conference in Baltimore, MD USA. Join the Who’s Who of the information security community and toast these influential leaders who have demonstrated a superior level of expertise, effectiveness, and dedication.

Apply for Senior Member Beginning October 20

Have you been an ISSA member for 5 years? Do you have 10 years of work experience in the information security field? Join this select group of professionals by applying for Senior Member status. Your application package must include the following items:

Application form, signed by your Chapter Board of Directors (at-large members may submit directly).
Certification of membership form (final page of application)
Resume

Applications will be accepted between October 20 and December 1, 2011. All documents must be received by midnight US Pacific time on December 1. Documents may be faxed to +1 206 299 3366 or emailed to fellow@issa.org. Senior Members will be listed on the website and will receive a special certificate.

Please be sure all questions on the application are answered. Consult the complete submission guidelines. Questions should be addressed to fellow@issa.org or 1 866 349 5818 (toll free within US), +1 206 388 4584 (international), extension 102.

ISSA Web Conference: Rise of the Cyber Criminal

Live Event: October 25, 2011
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Generously supported by:

Click here to register for this ISSA Web Conference

Web Conference Overview:

The advent of interconnected devices, allowing for portability of corporate secrets, has given rise to a completely different class of nefarious actors. Cyber criminals range from those bent on stealing your personal information to “cyber terrorists” who have the capability to inflict harm on a much wider scale. Uninhibited by current laws, they are very effective given the speeds of networks, lack of appropriate security controls, and the anonymous nature of the attacker. Making matters worse, the crime may be perpetrated by entities outside of the legal jurisdiction where the unlawful act took place. This web conference will explore the following: understanding how these crimes occur, what can be done to prevent them, and how to safeguard your data.

Industry Webinars

Industry experts from some of today's top security companies offer their thought leadership and expertise to help tackle current security threats and challenges. Current webinar topics include:

On-Demand Industry Webinar - PaRaBaL iPhone Security Training Exercises

Sponsored by:

Webcast Description:

By the end of 2011, one out of every two cell phones in the United States is projected to be a smart phone on either the Apple or Android platform. These devices are being used for everything from watching videos to online banking. Training your personnel on how to keep smart phones and mobile devices secure from hacker attacks has hit a critical mass. PaRaBal’s experienced team of credentialed instructors is ready to provide the training you need to keep your organization safe and secure. The webinar is divided into 4 exercises. Please feel free to use the table of contents on the left side to move from exercise to exercise. Each exercise relates to a real life use of the exercise. Some of the exercises show how malfeasance is performed using an iPhone by someone with malicious intentions. Understanding where the iPhone and iPad are not secure allows for policies to make them more secure.

DISCLAIMER:

This webinar shows exercises that highlight the vulnerabilities of the iPhone. These exercises are not intended to be used in real world scenarios. The exercises are for ethical hacking purposes only to show where and how the iPhone is vulnerable. Security professionals tasked with defending data, armed with the knowledge of the vulnerabilities, can design security policies to keep the iPhone or iPad secure. It is not intended to be practiced by users - it is an example of where and how the iPhone can be compromised. It is then the responsibilities of the security professionals to write security policies to insure these vulnerabilities are prevented.

Click here to register and begin viewing this on-demand webinar

Posted: September 30 , 2011

Knowledgeable Users Are the Best Cyber Security Defense

Click here to register and begin viewing this on-demand webinar

Webcast Description:

In this 30-minute session, you will learn about the key cyber security training activities that differentiate vulnerable organizations from prepared organizations. How prepared are your end users, employees, and contractors for the increasingly sophisticated and complex cyber security attacks they face? Cyber crime costs continue to rise and company breaches hit the headlines every day. This webinar will discuss cyber security training defense methods, practices used to date, recent research in the field, and breakthrough methods coming to market. In a never ending battle, these new methods represent a paradigm shift in how the industry must react. As a participant, please contact Wombat to learn about the FREE phishing simulation assessment in honor of Cyber Security Awareness Month.

Click here to register and begin viewing this on-demand webinar

Posted: September 20 , 2011

The ISSA Journal: Call for Articles

The ISSA Journal is looking for articles related to IT Security and Governance for our December issue.

Governance is the framework by which executive management manages and controls the organizational activities to achieve goals and objectives - adding value while balancing risk with return on investment. There is no "one-size-fits-all" approach, and each organization must incorporate IT and Security into its organizational governance approach. The framework is reflected in leadership styles, organizational structures, processes, and accountability for the actions taken.

For more information click here.

Due Date: November 1, 2011

ISSA International Conference Attendees Invited to Attend Maryland Cyber Challenge & Conference (MDC3) on Saturday, October 22

The inaugural Maryland Cyber Challenge & Conference (MDC3) featuring the state’s high school and college students as well as information security professionals will be held at the Baltimore Convention Center the same week as the ISSA International Conference. The students will compete on Saturday, October 22. MDC3 is offering a special one day rate of $75 on Saturday so you can watch the student competitions. To register, please visit http://mdc3.org/registration.html and register as a “Conference Attendee.”

MDC3 was created with the goal of encouraging Maryland students and young professionals to pursue education and careers in cybersecurity. MDC3 supports the State of Maryland’s initiative to become the nation’s epicenter for innovation in cybersecurity. For more information, please visit http://mdc3.org www.mdc3.org.

ISSA and Industry Events

Have a chapter event to post? Let us know!

ISSA CISO Executive Forum

Baltimore, MD	October 21 - 22, 2011
San Francisco, CA	February 25 - 26, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

Hawaii Chapter Hosts: Discover Security Conference 2011 – Sink or Swim: Security as a part of Enterprise Survival

Dates: October 12-13, 2011
Time: 8 AM-5 PM
Location: Hale Koa Hotel – Honolulu, Hawaii
Cost: $70 for non-members
Discount to ISSA Members: $35 for members

Sink or Swim! Whether your enterprise requires a traditional data center, a virtual infrastructure for private cloud, a public cloud architecture, or somewhere in between you still need to worry about security, disaster recovery, compliance, performance, and availability. And, of course, all of this needs to be done with a limited budget.

Many presentations will touch base on these topics and more:

Cloud based Security offerings
Intrusion Prevention Systems
Green IT
Disaster Recovery
Physical Security
Compliance/Auditing
Application Whitelisting
Securing Mobile Devices
Secure remote access
Behavior and Reputation Based Desktop Security

Click here to register and for more information.

Vendors can contact Roland Yee by emailing roland.yee@tig.com or call 808.368.2533

Raleigh North Carolina Chapter Hosts: 2011 Triangle InfoSeCon

Date: October 20, 2011
Location: The McKimmon Center, NC State University, Raleigh NC
Cost: $35 for ISSA Members, $45 for Sister Professional, government and educational. See Raleigh.issa.org for additional information on registration fees.

The Raleigh Chapter is pleased to announce the 2011 InfoSeCon. This year's conference features eight different security tracks:

Applications & Development Security
Cloud & Virtualization Security
Data & Endpoint Security
Governance, Risk and Compliance
Pen Testing / System & Network Auditing
Physical Security
Professional Development
Strategy & Architecture;

Other Events Include:

Lightning Talks
Capture the Flag, Lockpick Village, and Gringo Challenge

Keynote speakers include: Tom Limoncelli, Time Management Guru; Lenny Zeltser, Security Practice Diretor, Savvis; and Marc Hoit, Vice Chancellor for IT and CIO NC State University.

And fantastic door prizes.

Click here for registration and more information.

ISSA International Conference

Special Events Held in Conjunction with the ISSA International Conference:

Chapter officers plan on arriving in Baltimore early to attend the Chapter Leaders Summit on October 19*.
CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 22*, immediately following the International Conference.

*Open to qualified attendees only.

The 26^th Annual Orange County Information Security Symposium

Date: October 26, 2011
Time: 8:00 AM - 6:00 PM
Location: Hyatt Regency, Long Beach, CA
Cost: Attendance fee $95 until Oct 1 - $115 thereafter
Discount to ISSA Members: $20

The Orange County Information Security Symposium is the premiere SoCal information security program dedicated to the advancement of the information security profession. Speakers are selected for their information security reputation and knowledge of leading issues in the field. This is a full day event that draws information security professionals throughout the Southern California area from both the private and public sector.

UK Regional Meeting – Glasgow

Date: November 1, 2011
Time: 3:00 PM - 7:00 PM
Location: Pricewaterhouse Coopers LLP 141 Bothwell Street Glasgow G2 7EQ Scotland United Kingdom

Free event and is open to ISSA members only.

Founding Chattanooga Chapter of ISSA

Date: November 3, 2011
Time: 5 PM
Location: Blue Cross Blue Shield of Tennessee, 1 Cameron Hill Circle, Chattanooga, TN 37402
Cost: Free

This meeting will be to organize the founding of a Chattanooga Chapter of the ISSA. The meeting will judge the expression of interest and commitment to founding a chapter as well as make decisions on at least three events for 2012. A preliminary executive committee or board will be chosen and by-laws will be adopted. Sponsorship will be discussed, and vendor sponsors are welcome to attend.

For more information email Mark Williams

Metro-Atlanta Chapter Hosts- Security by Design

Dates: November 8-9
Time: 8 AM – 8 PM (including extra after hours activities)
Location: Loudermilk Center 40 Courtland St. NE Atlanta, GA 30303
Cost: $200
Discount to ISSA Members: $135 using code ISSA2011

Four diverse yet complementary security groups (Metro-Atlanta ISSA chapter, ASDFED, NCMS, and OWASP) are providing events, speakers and attendee groups, so this will be two days packed full of education and insight. As the theme suggests, an important goal of the conference is to foster a mindset of making information security a fundamental building block of organizations and programs from the outset.

Security should be a cornerstone, not an afterthought.

Conference offerings include: informational sessions, industry expert panels, workshops and peer discussion forums. Events provide value for security professionals across the spectrum. Tracks cover administration, technology, and laws and compliance.

To register and for more information click here for registration and more information

South Florida Hosts: Taking Security Seriously?!

Date: November 2, 2011
Time: 8 AM – 6 PM
Location: Signature Grand, 6900 State Road 84, Ft. Lauderdale, FL
Cost: $150 (non-members)
Discount to ISSA Members: $50 Discount Code: ReallyISSA

Come down to South Florida for the one day conference packed with great presentations and networking opportunities. We will be running three tracks tailored to business and technical (both defensive and offensive) content to inspire great discussions to determine if we are really taking security seriously!

To register click here

Phoenix Chapter Hosts: Protecting your Business & Customers From Electronic Crimes Conference

Date: December 15, 2011
Time: 8:30 AM - 5:00 PM
Location: Arizona State University SkySong Campus, 1475 North Scottsdale Road, Scottsdale, AZ 85257.
Cost:$125
Discount to ISSA members: Members pricing $100
Government Employees: $50

This conference will bring together government officials, security leaders, technology experts, senior executives, and policy makers who are developing strategies to address the ever-growing threat to our nation’s financial payment systems and customer data security. The purpose of the conference is to provide consumers, retailers, dealers, lawyers, accountants, financial services, and other professions with an opportunity to advance their knowledge and to participate in the formulation of strategic collaborative alliances between the private and public sectors to confront Electronic Crimes.

To register for this event click here.

Interested sponsors please contact Sheila Martin - 602-300-2682 or email events@azbizopps.org for further information.

Industry Events

SecureWorld Expo

November 2-3, 2011
Plano Convention Center
Plano, TX

Thousands of customers in 46 countries trust Websense data security.

November 16-17, 2011
Meydenbauer Convention Center
Bellevue, WA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS11.

SecureWorld+ Extended Training 2011 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS11.

For event details and registration go to: http://www.secureworldexpo.com/

9th Annual Executive Women's Forum National Conference

Dates: October 19 - 21, 2011
Location: Scottsdale, Arizona
Cost: $1,995
Discount to ISSA Members $200
Discount Code: EWF11ISACA

Description of Event: Interact with more than 200 global thought leaders in our field including Chief Information Security Officers, Chief Privacy Officers, Heads of Compliance, Governance, IT Risk and IT Audit from Fortune 100 to 1000 companies across all industries. Our conference will help you navigate the economic crisis with cost-cutting strategies in IT Security, Risk Management & Privacy, advice on what to execute for maximum business value with limited resources, and strategic and tactical insight on the breadth of today's tough IT decisions. Discover cost-saving technologies and processes, cost-effective ways to expand existing capabilities, and real-world examples that yield actionable next steps. Access to 17 hours of educational and keynote sessions, two hours of vendor access and evaluations, activities promoting colleague networking, and earn 17 CPE credits.

Innovate A Risk Framework that Drives Business Results
Embrace Consumerization and Accelerating Change
Ignite Creative Leadership

To register or for more information Click here.

Hacker Halted USA 2011

Dates: October 21-27, 2011
Location: Intercontinental Hotel, Miami, FL, USA

Hacker Halted is the world’s premier technical infosec event and the largest reunion of ethical hackers. It includes a 4-day training Academy, followed by a 2-day conference and 1-day of free Training for all registrants. The two-day Conference on October 25-26 features a comprehensive program presented in four tracks—including cloud security and SCADA security—and product displays from leading vendor sponsors. ISSA members receive a $200 discount off the 2-day conference fees (does not include Academy but does include $500 of free Training on October 27) by registering with the code HHUSA-ISSA on the electronic registration page.

For more information click here

Discount to ISSA members: $200 off the prevailing rate at time of registration (2 day conference pass only) and/or free exhibits admission.

Business Engagement and the Information Security Professional

Dates: October 25-28, 2011
Location: Tuck School of Business, Dartmouth College Hanover, NH, USA
Cost: $5,350

This executive education course will enhance participants’ leadership, financial, and communication skills, so they may engage more effectively with other business leaders throughout the enterprise. Participants will also refine their understanding of risk management and decision-making and have the opportunity to share best practices with colleagues from other companies. The program is designed for CISOs, their direct reports and other directors/managers who interact with business colleagues across the organization and are seeking to complement their technical expertise. The course is offered by Tuck Executive Education in partnership with the Center for Digital Strategies.

To register and for more information click here. ISSA members can register until September 22.

Global Enterprise Mobility Forum

Dates: November 15 – 16, 2011
Location: London
Cost: 999 Euro + VAT
Discount to ISSA Members: 15%
Discount Code: GEMF

Today, companies must have the ability to easily access business-critical information from anywhere and to move business information quickly and securely between the back office and the front lines. Implementing a suitable mobile platform and a technology solution, further equipping its road warriors with adequate tools and devices, becomes vital. Here are 6 Reasons Why You Can’t Miss Enterprise Mobility Congress 2011:

Learn what CIOs and CTOs need to think about before implementing an enterprise mobility project.
Find Essentials of your existing mobility strategy to meet your corporate expectation
Discover Successful case studies and best practices around mobile strategies and their deployment
Empower your mobile workforce
Growing security concerns around enterprise mobility; ensure that proprietary and confidential business information is secure - key component of any CIO's and CTO’s efforts
Find out undeniable role and importance of the field service excellence

For more information or to register click here

CISO Summit 2011

Date: December 6-7, 2011
Location: Scottsdale, AZ
Cost: Sponsorship packages available between $25,000 - $60,000. Delegate registration $2,995.
Discount Code: ISSA
Vendors receive a 25% discount

Four (4) VIP Passes for qualifying attendees from your CISC/Senior IT leader community to attend the 2011 CISO Summit. The CISO Summit is a chance for CISOs and IT security executives to meet with their peers from multiple industries including, but not limited to, healthcare, finance, insurance, government, telecom, utilities, and education. This three day summit features engaging keynote speeches, open forums, think tanks, case studies, and panel discussions on the latest information security topics and trends. Open discussions and networking time give attending CISOs and information security executives the opportunity to discuss common problems and discover new and innovative solutions. Attendees will leave the event with new business contacts and new ideas on how to move their business forward.

To register and for more information click here.

ISSA E-News: September 8, 2011

In this Issue

Virtual Membership Meeting: September 14
ISSA Web Conference: Educating Senior Business Management
Make Yourself Heard
ISSA International Conference
Until September 30: Receive 40% off Best-Selling Information Security Publications
International Awards: 15 to Be Recognized in Baltimore
The ISSA Journal: Call for Articles October – The Cloud / Virtualization
ISSA and Industry Events

Sponsors

Virtual Membership Meeting: September 14

How does ISSA International support your professional development and advance the field? Join the International Board of Directors for the Annual Membership Meeting when your leaders will report on their ongoing work, the successes of the past year, goals for the year to come, and the association’s finances.

Date: September 14
Time: 8:00 AM US Pacific Time (11:00 AM US Eastern, 16:00 Europe/London, midnight September 15 Asia/Tokyo)
Location: Online, https://www2.gotomeeting.com/register/918764522

Please save the date and plan on attending the Annual Membership Meeting. Click here to register.

Educating Senior Business Management

Live Event:September 27, 2011
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Generously Supported by:

Web Conference Overview:

In today’s economy security professionals and technologies are often victims of their own success. When security is well implemented and managed, it can become nearly invisible. Organizations rarely see the impacts of successful malicious attacks, and the benefits of security may go unnoticed or be totally undetectable. However, most organizations need to cut or refrain from purchasing anything that has not had or will not have immediate visible results for the bottom line. This mindset extends not only to the operations of the organization, but also down to the very applications that the company creates and purchases. This session will provide information and strategies that demonstrate why senior management should buy into mandating security functionality for the applications they develop, purchase, and deploy.

Make Yourself Heard

To deliver more timely and relevant content to you, ISSA is embarking on an initiative to integrate social media into our communications. Our new social media platforms will also provide you with a more efficient method of communicating with your local chapters and fellow members, introduce colleagues to the benefits of ISSA membership, and give you opportunities to develop a more robust peer network.

Your input is essential to make the new social networking initiative as effective as possible in meeting your needs. We would like to develop a social media strategy that will allow us to expand our worldwide community of information security professionals. This is a very important project for ISSA and you can help us by looking for our social media survey that will be sent to you in the near future.

Please take a couple of minutes to complete the survey. We will then do the heavy lifting of organizing the data and providing you with an invaluable professional tool box.

ISSA International Conference

Design Your Future - Security 2020
October 20-21, 2011
Baltimore, Maryland
www.issaconference.org

Conference Guide now available on-line and in the September issue of the ISSA Journal. Noted keynotes, featured speakers and targeted break-out sessions will help you be effective today and design your future. Your ISSA membership allows you to attend the ISSA International Conference for just $235 USD. Registration includes two days of the conference, all keynotes, sessions, lunch both days, the October 19 Opening Reception, and the October 20 International Awards Ceremony. Over 12 hours of continuing education available.

Here are a sampling of the offerings available to you:

The Evolving and Systemic Nature of Global Internet Threats Danny McPherson - Chief Security Officer, Verisign
There are many threats and attack surface elements inherent to IP-based networks and in particular those of the global Internet. Additionally, convergence of traditional networked systems and services onto a common IP fabric and transmission network substrate introduce new challenges. While the global Internet infrastructure has become much more robust and densely interconnected, content and information is more consolidated and centralized than ever. This has created multi-national shared dependencies, systemic risks, and asymmetric threats that present complex engineering, security, operations, and regulatory challenges. In this session, the evolution of the Internet architecture will be discussed – to include interconnection strategies, application, and traffic distribution over time – challenges and threats this has created will be highlighted. Strategies for mitigating these risks will also be addressed.

Responding to the Three Most Common Data Breaches - Everything You Need to Know Dr. Christopher T. Pierson, Esq. - SVP, Chief Privacy Officer, RBS/Citizens Financial Group & James T. Shreve, Esq. - Attorney, BuckleySandler LLP
With 46 US state laws, two federal guidances (healthcare & financial), and three District of Columbia laws, figuring out how to analyze and respond to a data breach incident has become more complex. This presentation will summarize the status of current and pending data breach laws, differences, and will continue by aligning the laws and regulations to the three most common data breaches. Attendees will be able to walk away with concrete action plans and operational processes for being team players from an information security, risk, legal, and compliance perspective. This session will go beyond the law and focus on execution.

The State of the Hack Kevin Mandia - Chief Executive Officer, MANDIANT
For years, Kevin Mandia has been on the front lines assisting organizations in responding to international computer intrusions, theft of customer credentials, and widespread compromise of sensitive data. In this presentation, he will provide case studies that describe the most recent computer security incidents to which he has responded. Additionally, he will address how these incidents impact organizations and the challenges that each organization faced. He will demonstrate the state-of-the-art methods being used to respond to these incidents and he access emerging trends and technologies that offer strategic approaches to minimize the risks an organization faces from the liabilities the information age has brought.

Click here for a complete listing of sessions.

Through September 30: Receive 40% off Best Selling Information Security Publications

John Wiley & Sons, a leading publisher of technology titles, is pleased to offer ISSA members a 40% discount on several of their best-selling information security titles. Titles include:

Security Engineering 2e
Network Security Bible 2e
Cryptography Engineering
Build Your Own Security Lab
CEH Prep Guide
CISSP Prep 3e Platinum
Database Hackers Handbook
The Art of Intrusion
Schneier on Security
Secrets and Lies

Web Application Hackers Handbook - Coming in October
Malicious Cryptography
Security 2020
Social Engineering
Malware Analyst’s Cookbook
SSL and TLS Using Cryptography and PKI
CEH: Certified Ethical Hacker Study Guide
CompTIA Security+ Study Guide
CompTIA Secuirty+ Certification Kit, 2e
CISSP, 5e

See member for details on this and other discounts.

International Awards: 15 to Be Recognized in Baltimore

Fifteen industry leaders will be honored for their outstanding contributions to and advancement of the information security profession and ISSA. The awards will be presented on October 20 at a reception at the ISSA International Conference in Baltimore, MD USA. Join the Who’s Who of the information security community and toast these influential leaders who have demonstrated a superior level of expertise, effectiveness and dedication to the advancement of the profession.

Hall of Fame

Honor Roll

Security Professional

Public Service

Organization

Chapter: Less Than 100 Members

Chapter: 100-200 Members

Chapter: More Than 200 Members
Metro Atlanta

Communications
United Kingdom

Thank you to Attachmate Luminet for their generous support of the awards program

The ISSA Journal: Call for Articles October – The Cloud / Virtualization

The ISSA Journal is looking for articles related to cloud computing and virtualization for our October issue.

Information technology is transforming to a service-based, scalable infrastructure, and your choice to embrace it as a security professional will define your career going forward. No longer do we point to a machine in a data center and say, “Yep, that application runs there.” Virtualization ended that ability.

You can’t stop the transformation – the economics around cloud and virtualization are too compelling. Resisting will leave you behind. Embracing on-demand IT will make you valuable if you can do it securely. How have you met these challenges in your industry or company? What pressures do you face and how have you responded to those pressures? How has virtualization and cloud changed how you secure your enterprise, and what advice can you give to others?

ISSA and Industry Events

ISSA CISO Executive Forum

Baltimore, MD	October 21 - 22, 2011
San Francisco	February 25 - 26, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

ISSA-UK Chapter Meeting - London

Date: September 8, 2011
Time: 3:00 PM - 7:00 PM
Location: PriceWaterhouse Coopers, London

This event will feature Christopher Graham, the Information Commissioner.

This free event is open to ISSA members only.

Click here to register and for more information

Annual ISSA Membership Meeting

Date: September 14, 2011
Time: 8:00 AM US Pacific Time (11:00 AM US Eastern, 16:00 Europe/London, midnight September 15 Asia/Tokyo)
Location: Online

The International Board of Directors will report on the association’s finances, their ongoing work, the successes of the past year and goals for the year to come. The new Board members will also take office at this time.

Please save the date and plan on attending the annual meeting. Click here to register.

Middle Tennessee Chapter Hosts Nashville InfoSec 2011

Date: September 15, 2011
Time: 8:00 AM to 5:00 PM
Location: Nashville Convention Center
Cost: $135
Discount to ISSA Members: $90 for members

Middle Tennessee ISSA and Nashville Technology Council (NTC) host over 400 attendees and two-dozen locally and nationally recognized speakers. InfoSec offers two industry-recognized keynote speakers, panel discussions and multiple breakout sessions focusing on technical and management issues, as well as healthcare and other industry regulations in the security industry.

The Southeast’s leading security conference now in its twelfth year. InfoSec brings technologists and security professionals for a full day of exciting speakers and networking opportunities.

GrrCON – Midwest InfoSec & Hacker Conference

Date:September 16, 2011
Location: Grand Rapids, MI – Devos Place, 303 Monroe Ave. NW, Grand Rapids, MI 49503
Cost: $95
Discount to ISSA Members: $5 off registration
Coupon Code: issa_UAH3SN2

A Premier Midwest Information Security and Hacker Conference. This conference is targeted to information security professionals, privacy and compliance professionals, hackers, students, security researchers, industry leaders, and those responsible for organizational information security and compliance decision making. The conference will be featuring innovative and timely tracks covering many areas of information security, compliance, and privacy. The conference will concentrate on key topics related to information security with presentations provided by recognized subject matter experts and includes exhibits by some of the nation's leading organizations.

Click Here for additional details on the event and to register.

Sponsorship opportunities are available by emailing sponsor@grrcon.org

Central Ohio ISSA Golf Outing – Muirfield Village Country Club Central Ohio

Date: September 26, 2011
Time: 10:30 AM registration
Location: Muirfield Village Country Club Dublin, Ohio
Cost: $99.00
Cost to ISSA Members: $45.00

To register or for more information http://www.centralohioissa.org/

If you have participated in this event in past years, you will know that it is a fun event for any level of golf enthusiast. The Central Ohio ISSA Board has decided to bring back this event this fall for your enjoyment. Expect a fun filled round of golf, including a box lunch, two drink tickets for each registered player (cash after that) and a reception and awards ceremony following the round of golf.ISSA members will be required to show proof of membership when registering to receive a member discount.

Phoenix Chapter Hosts: Q4/11 Quarterly Training Forum

Date: Tuesday, October 4, 2011
Time: 11:30 AM–5 PM
Location: ITT Technical Institute 5005 W. Wendler Dr., Tempe, AZ 85282 (NW Corner, I-10 & Baseline, Across from Fry's Electronics)
Cost: ISSA members attend free when pre-registering. Walk-ins, guests, and non-members $25

Please join us! Our speakers represent security leaders in different industries who will share their insights and expertise. Stay on top of an ever-changing field with leading edge content. Get a free lunch and snacks. Earn 4 hours CPE credits for certification maintenance (we provide the certificate). Meet and network with other security professionals. Win great door prizes!

Click here for registration and for more information.

Rochester Security Summit 2011

Date(s): October 4 – 5, 2011
Time: 8 AM – 5 PM
Location: Hyatt Regency Rochester
Cost: $150 Standard 2 Day Registration - Early registration discounts of 10%
Discount to ISSA Members: Additional 10% discount with code ISSA-MEMBER-65407

The 6th annual Rochester Security Summit will feature four professional educational tracks: Business Security Track, Application Security Track, Infrastructure Track and the Ethical Hacking Training. After selling out last year with over 200 professionals, we have majorly upgraded our attendee and sponsorship capacity. We are excited to bring you this premiere IT security event for professionals in Upstate/Western NY. We are pleased to have Marcus J. Ranum, CSO of Tenable Network Security, Inc. as our keynote this year along with another great line up of top speakers.

Click here for registration and more information.

Hawaii Chapter Hosts: Discover Security Conference 2011 – Sink or Swim: Security as a Part of Enterprise Survival

Date(s): October 12-13, 2011
Time: 8 AM-5 PM
Location: Hale Koa Hotel – Honolulu, Hawaii
Cost: $70 for non-members
Discount to ISSA Members: $35 for members

Sink or Swim! Whether your enterprise requires a traditional data center, a virtual infrastructure for private cloud, a public cloud architecture, or somewhere in between you still need to worry about security, disaster recovery, compliance, performance, and availability. And, of course, all of this needs to be done with a limited budget.

Many presentations will touch base on these topics and more:

Cloud based Security offerings
Intrusion Prevention Systems
Green IT
Disaster Recovery
Physical Security
Compliance/Auditing
Application Whitelisting
Securing Mobile Devices
Secure remote access
Behavior and Reputation Based Desktop Security

Click here to register and for more information: http://www.issahawaii.org/

Vendors can contact Roland Yee by emailing roland.yee@tig.com or call 808.368.2533

Raleigh NC Chapter Hosts: 2011 Triangle InfoSeCon

Date: October 20, 2011
Location: The McKimmon Center, NC State University, Raleigh NC
Cost: $35 for ISSA Members, $45 for Sister Professional, government and educational. See Raleigh.issa.org for additional information on registration fees.

The Raleigh ISSA Chapter is pleased to announce the 2011 InfoSeCon. This year's conference features eight different security tracks:

Applications & Development Security
Cloud & Virtualization Security
Data & Endpoint Security
Governance, Risk and Compliance
Pen Testing / System & Network Auditing
Physical Security
Professional Development
Strategy & Architecture;

Other Events Include:

Lightning Talks
Capture the Flag, Lockpick Village, and Gringo Challenge

Keynote speakers include: Tom Limoncelli, Time Management Guru; Lenny Zeltser, Security Practice Diretor, Savvis; and Marc Hoit, Vice Chancellor for IT and CIO NC State University.

And fantastic door prizes.

Click here for registration and more information.

ISSA International Conference

Special Events Held in Conjunction with the ISSA International Conference:

Chapter officers plan on arriving in Baltimore early to attend the Chapter Leaders Summit on October 19*.
CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 22*, immediately following the International Conference.

*Open to qualified attendees only.

The 26^th Annual Orange County ISSA Information Security Symposium

Date: October 26, 2011
Time: 8:00 AM - 6:00 PM
Location: Hyatt Regency, Long Beach, CA
Cost: Attendance fee $95 until Oct 1 - $115 thereafter
Discount to ISSA Members: $20

The Orange County Information Security Symposium is the premiere SoCal information security program dedicated to the advancement of the information security profession. Speakers are selected for their information security reputation and knowledge of leading issues in the field. This is a full day event that draws information security professionals throughout the Southern California area from both the private and public sector.

UK Regional Meeting – Glasgow

Date: November 1, 2011
Time: 3:00 PM - 7:00 PM
Location: Pricewaterhouse Coopers LLP 141 Bothwell Street Glasgow G2 7EQ Scotland, United Kingdom

Free event and is open to ISSA members only.

South Florida Hosts: Taking Security Seriously?!

Date: November 2, 2011
Time: 8 AM – 6 PM
Location: Signature Grand, 6900 State Road 84, Ft. Lauderdale, FL
Cost: $150 (non-members)
Discount to ISSA Members: $50 Discount Code: ReallyISSA

Come down to South Florida for the one day conference packed with great presentations and networking opportunities. We will be running three tracks tailored to business and technical (both defensive and offensive) content to inspire great discussions to determine if we are really taking security seriously!

To register click here

Founding Chattanooga Chapter

Date: November 3, 2011
Time: 5 PM
Location: Blue Cross Blue Shield of Tennessee, 1 Cameron Hill Circle, Chattanooga, TN 37402
Cost: Free

This meeting will be to organize the founding of a Chattanooga Chapter of the ISSA. The meeting will judge the expression of interest and commitment to founding a chapter as well as make decisions on at least three events for 2012. A preliminary executive committee or board will be chosen and by-laws will be adopted. Sponsorship will be discussed, and vendor sponsors are welcome to attend.

For more information email Mark Williams

Metro-Atlanta Chapter Hosts- Security by Design

Dates: November 8-9
Time: 8 AM – 8 PM (including extra after hours activities)
Location: Loudermilk Center 40 Courtland St. NE Atlanta, GA 30303
Cost: $200
Discount to ISSA Members: $135 using code ISSA2011

Four diverse yet complementary security groups (Metro-Atlanta ISSA chapter, ASDFED, NCMS, and OWASP) are providing events, speakers and attendee groups, so this will be two days packed full of education and insight. As the theme suggests, an important goal of the conference is to foster a mindset of making information security a fundamental building block of organizations and programs from the outset.

Security should be a cornerstone, not an afterthought.

Conference offerings include: informational sessions, industry expert panels, workshops and peer discussion forums. Events provide value for security professionals across the spectrum. Tracks cover administration, technology, and laws and compliance.

To register and for more information click here for registration and more information

Industry Events

SecureWorld Expo

St. Louis SecureWorld Expo

September 13-14, 2011
America’s Center
St. Louis, MO

Bay Area SecureWorld Expo

September 21-22, 2011
Santa Clara Convention Center
Santa Clara, CA

Detroit SecureWorld Expo

October 5-6, 2011
Ford Motor Company Conference & Event Center
Dearborn, MI

November 2-3, 2011
Plano Convention Center
Plano, TX

Let Training Camp help you get the certifications you need. Contact us for more information TODAY!

November 16-17, 2011
Meydenbauer Convention Center
Bellevue, WA

SecureWorld regional conferences deliver the most affordable, highest quality security education, training and networking right to your community. SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. SecureWorld also offers an exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Plus, you could earn 12-16 CPE credits toward your CISSP certifications.

ISSA MEMBERS are offered a $100 discount off the $265 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register online using code ISSNWS11.

SecureWorld+ Extended Training 2011 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS11.

For event details and registration go to: http://www.secureworldexpo.com/

5th Annual Conference on Security Analysis and Risk Management - “Security Risk 10 Years After 9/11: How Far Have We Come and What Lies Ahead?”

Date(s): Tuesday, September 13, 2011 8:30 AM - Thursday, September 15, 2011 12:30 PM Eastern Time
Location: George Mason University - Arlington Campus Founders Hall 3351 Fairfax Drive Arlington, VA 22201 USA

Cost:

General Registration - $495
Government/Academic Registration - $375
Evening Welcome Reception - $60

Discount to ISSA Members: Members receive 10% off all above rates when using the discount code ISSA2011.

The Security Analysis and Risk Management Association's annual conference is the primary outreach event for the security analysis and risk management community. It is an exceptional forum for collaboration, information sharing and networking, with a wide array of individuals from federal, state and local governments, private industry and academia in attendance.

At each of SARMA’s previous annual conferences, more than 50 domestic and international policy-makers, practitioners, scholars, analysts and other experts and decision-makers provided fresh perspectives on current trends and initiatives, discussed the shape of the profession and offered their insights into evolving national and international strategies for security risk management. Speakers included senior aides from the White House; senior managers and procurement officials from DHS, DOD, FEMA, TSA, USCG and other federal agencies; leading risk experts from Canada, Brazil, Italy and Australia; and officials from U.S. state and local governments.

To register or for more information click here

XXVI Bank Security Conference - Organized by FIBA – Florida International Bankers Association and FELABAN – The Latin American Federation of Banks

Dates: September 15-16, 2011
Location: Intercontinental Hotel, Miami, Florida
Cost: Special fee of $500 (15% discount to ISSA members)
Discount Code: Go to the website and click in registration’s menu: ISSA Members

Bank Security today encompasses nearly every aspect of banking, from operations, to human resources, IT systems, and even the customers of the bank. Because of the importance of these topics, FELABAN has taken the initiative to organize an annual Bank Security Conference, in partnership with the FELABAN Latin-American Center for Bank Security Officers. The academic program for this annual event addresses the growing list of bank security risks faced by banks at all levels.

To register and for more information click here.

UNITED Security Summit in San Francisco: Membership Discount of $200

Dates: September 19-20, 2011
Location: San Francisco’s Hyatt Fisherman’s Wharf
Discount to ISSA Members: $200 discount off of conference pricing to ISSA membership.
Discount Code: ISSASE0031

Attendees of the Summit will hear from leading industry and security experts including keynote Stephen Dubner, co-author of Freakonomics, VMware GM Chris Young, Khalid Kark from Forrester, Joshua Corman from Akamai Technologies and others. See the full speaker line-up on http://www.unitedsummit.org/speakers.jsp

Participating in the event makes you eligible for 16 CPE credits toward your certifications, so consider getting funding to attend from your travel budget as well as your training funds. Plus, you'll participate in a 2-day case study that helps you to better protect your networks from data breaches.

For more information and to register, please visit www.unitedsummit.org.

(ISC)²Security Congress - Collocated with the ASIS International 57th Annual Seminar and Exhibits

Exhibit Dates: September 19 - 21
Seminar dates: September 19 - 22 (plus pre-conference events September 17-18)
Location: Orange County Convention Center, Orlando, FL

The first annual (ISC)² Security Congress offers invaluable education to all levels of information security professionals, not just (ISC)² members. This event will provide information security professionals with the tools to strengthen their security without restricting their business. (ISC)² and ASIS International have teamed up to bring you the largest security conference in the world, with five days of education and networking opportunities. Don’t miss out. Register today!

Registered attendees will enjoy:

Keynotes from Jeb Bush, Former Governor of Florida and Vicente Fox, President of Mexico 2000-2006
700 plus exhibitors
200 conference sessions available throughout 22 education tracks
Top-notch speakers
2-day intensive education for CISSP® and CSSLP® certifications
Free half-day credential clinics for CISSP, CSSLP, CAP® or SSCP®
CISSP exam offered September 18

For more information click here

Discount to ISSA members: 15% (discount code ISSASC2011)

AppSec USA 2011: OWASP Application Security Conference

Dates: September 20-23, 2011
ISSA member discount: 15%
ISSA discount code: ISSASAVE

OWASP AppSec USA 2011 is an application security conference for information security and development enthusiasts building software - which plays such a vital role in our lives - to be more secure. Mobile security, penetration testing, and secure coding training September 20-21. Presentations, showroom, and Capture the Flag September 22-23. See experts like Moxie Marlinspike, John B. Dickson, and Brian Chess! As a bonus to ISSA members, save 15% on the conference proceedings September 22-23 when you register with the code ISSASAVE for this event in Minneapolis, Minnesota commemorating OWASP's tenth anniversary. REGISTER NOW

The Risk Revolution Lead the Charge to:

Dates: October 19 - 21, 2011
Location: Scottsdale, Arizona
Cost: $1995.00
Discount to ISSA Members $200.00
Discount Code: EWF11ISACA

Description of Event: Interact with more than 200 global thought leaders in our field including Chief Information Security Officers, Chief Privacy Officers, Heads of Compliance, Governance, IT Risk and IT Audit from Fortune 100 to 1000 companies across all industries. Our conference will help you navigate the economic crisis with cost-cutting strategies in IT Security, Risk Management & Privacy, advice on what to execute for maximum business value with limited resources, and strategic and tactical insight on the breadth of today's tough IT decisions. Discover cost-saving technologies and processes, cost-effective ways to expand existing capabilities, and real-world examples that yield actionable next steps. Access to 17 hours of educational and keynote sessions, two hours of vendor access and evaluations, activities promoting colleague networking, and earn 17 CPE credits.

Innovate A Risk Framework that Drives Business Results
Embrace Consumerization and Accelerating Change
Ignite Creative Leadership

To register or for more information Click here

Hacker Halted USA 2011

Dates: October 21-27, 2011
Location: Intercontinental Hotel, Miami, FL, USA

Hacker Halted is the world’s premier technical infosec event and the largest reunion of ethical hackers. It includes a 4-day training Academy, followed by a 2-day conference and 1-day of free Training for all registrants. The two-day Conference on October 25-26 features a comprehensive program presented in four tracks—including cloud security and SCADA security—and product displays from leading vendor sponsors. ISSA members receive a $200 discount off the 2-day conference fees (does not include Academy but does include $500 of free Training on October 27) by registering with the code HHUSA-ISSA on the electronic registration page. www.hackerhalted.com/2011

For more information click here

Discount to ISSA members: $200 off the prevailing rate at time of registration (2 day conference pass only) and/or free exhibits admission.

Business Engagement and the Information Security Professional

Dates: October 25-28, 2011
Location: Tuck School of Business, Dartmouth College Hanover, NH, USA
Cost: $5,350

This executive education course will enhance participants’ leadership, financial, and communication skills, so they may engage more effectively with other business leaders throughout the enterprise. Participants will also refine their understanding of risk management and decision-making and have the opportunity to share best practices with colleagues from other companies. The program is designed for CISOs, their direct reports and other directors/managers who interact with business colleagues across the organization and are seeking to complement their technical expertise. The course is offered by Tuck Executive Education in partnership with the Center for Digital Strategies.

To register and for more information click here

Global Enterprise Mobility Forum

Dates: November 15 – 16, 2011
Location: London
Cost: 999 Euro + VAT
Discount to ISSA Members: 15%
Discount Code: GEMF

Today, companies must have the ability to easily access business-critical information from anywhere and to move business information quickly and securely between the back office and the front lines. Implementing a suitable mobile platform and a technology solution, further equipping its road warriors with adequate tools and devices, becomes vital. Here are 6 Reasons Why You Can’t Miss Enterprise Mobility Congress 2011:

Learn what CIOs and CTOs need to think about before implementing an enterprise mobility project.
Find Essentials of your existing mobility strategy to meet your corporate expectation
Discover Successful case studies and best practices around mobile strategies and their deployment
Empower your mobile workforce
Growing security concerns around enterprise mobility; ensure that proprietary and confidential business information is secure - key component of any CIO's and CTO’s efforts
Find out undeniable role and importance of the field service excellence

For more information or to register click here

ISSA E-News: August 25, 2011

In this Issue

Look for the September Journal in Your Mailbox!
Welcome: Uruguay Chapter
Virtual Membership Meeting: September 14
Until September 30: Receive 40% off Best Selling Information Security Publications
ISSA International Conference
The ISSA Journal: Call for Articles October – The Cloud / Virtualization
ISSA Career Center
ISSA Web Conferences Available On Demand
ISSA and Industry Events

Sponsors

Prepare For Certification – 100% OnlineMaster the skills you need from Villanova University. Business Analysis, IS Security and more. Start today!

Look for the September Journal in Your Mailbox!

The September issue of the ISSA Journal is one of two print editions that will be mailed to you. Your electronic copy will be delivered as usual on September 1. Watch for your print copy the third week of the month.

Welcome: Uruguay Chapter

On behalf of the International Board, we are excited to officially welcome the Uruguay Chapter. Uruguay joins the worldwide ISSA community: 153 chapters and members in 70 countries. Congratulations!

Virtual Membership Meeting: September 14

How does ISSA International support your professional development and advance the field? Join the International Board of Directors for the Annual Membership Meeting when your leaders will report on their ongoing work, the successes of the past year, goals for the year to come and the association’s finances.

Date: September 14
Time: 8:00 AM US Pacific Time (11:00 AM US Eastern, 16:00 Europe/London, midnight September 15 Asia/Tokyo)
Location: Online, https://www2.gotomeeting.com/register/918764522

Please save the date and plan on attending the Annual Membership Meeting. Click here to register.

Until September 30: Receive 40% off Best Selling Information Security Publications

John Wiley & Sons, a leading publisher of technology titles, is pleased to offer ISSA members a 40% discount on several of their best-selling information security titles. Titles include:

Security Engineering 2e
Network Security Bible 2e
Cryptography Engineering
Build Your Own Security Lab
CEH Prep Guide
CISSP Prep 3e Platinum
Database Hackers Handbook
The Art of Intrusion
Schneier on Security
Secrets and Lies

Web Application Hackers Handbook - Coming in October
Malicious Cryptography
Security 2020
Social Engineering
Malware Analyst’s Cookbook
SSL and TLS Using Cryptography and PKI
CEH: Certified Ethical Hacker Study Guide
CompTIA Security+ Study Guide
CompTIA Secuirty+ Certification Kit, 2e
CISSP, 5e

Go to www.issa.org, select the Special Offers, under the Members tab, for details on this and other offers.

ISSA International Conference

Design Your Future - Security 2020
October 20-21, 2011
Baltimore, Maryland
www.issaconference.org

OPENING KEYNOTE:
General Keith B. Alexander
United States Army, Commander U.S. Cyber Command & Director National Security Agency Central Security Service

Visit www.issaconference.org for a complete agenda and registration details.

ISSA Members can attend the ISSA International Conference for just $235 USD, including both days of the conference, including all keynotes, sessions, lunch both days, and the October 20 International Awards Ceremony. Over 12 hours of continuing education available.

The ISSA Journal: Call for Articles October – The Cloud / Virtualization

The ISSA Journal is looking for articles related to cloud computing and virtualization for our October issue.

Information technology is transforming to a service-based, scalable infrastructure, and your choice to embrace it as a security professional will define your career going forward. No longer do we point to a machine in a data center and say, “Yep, that application runs there.” Virtualization ended that ability.

You can’t stop the transformation – the economics around cloud and virtualization are too compelling. Resisting will leave you behind. Embracing on-demand IT will make you valuable if you can do it securely. How have you met these challenges in your industry or company? What pressures do you face and how have you responded to those pressures? How has virtualization and cloud changed how you secure your enterprise, and what advice can you give to others?

ISSA Career Center:

The ISSA Career Center offers a listing of current job openings in the information security, assurance, privacy, and risk fields. Visit the career center to post an opening or look for new opportunities.

Just a Few of the Current listings:

Internal Affairs Analyst
Bridgewater Associates, LP

Information Security Engineer Lead
GTRI

IS Security Administrator
University of Richmond

Senior Information Security Analyst
University of Kentucky

Senior IT Architect
ETS (Educational Testing Service)

ISSA Web Conferences Available On-Demand: Silver Cloud of Success or Storm Cloud on the Horizon

Live Event:August 23, 2011
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Generously Supported by:

ISSA and Industry Events

ISSA CISO Executive Forum

Baltimore, MD	October 21 - 22, 2011
San Francisco, CA	February 25 - 26, 2012

For details on the CISO Forum click here.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Click here for complete membership criteria.

ISSA-UK Chapter Meeting - London

Date: September 8, 2011
Time: 3:00 PM - 7:00 PM
Location: PriceWaterhouse Coopers, London

This event will feature Christopher Graham, the Information Commissioner.

This free event is open to ISSA members only.

Click here to register and for more information

Annual ISSA Membership Meeting

Date: September 14, 2011
Time: 8:00 AM US Pacific Time (11:00 AM US Eastern, 16:00 Europe/London, midnight September 15 Asia/Tokyo)
Location: Online

The International Board of Directors will report on the association’s finances, their ongoing work, the successes of the past year and goals for the year to come. The new Board members will also take office at this time.

Please save the date and plan on attending the annual meeting. Click here to register.

Middle TN Chapter Hosts Nashville InfoSec 2011

Date: September 15, 2011
Time: 8:00 AM to 5:00 PM
Location: Nashville Convention Center
Cost: $120 early bird non-member (until Aug 24); $135 non-member after Aug 24
Discount to ISSA Members: $90 for members

Middle TN ISSA and Nashville Technology Council (NTC) host over 400 attendees and two-dozen locally and nationally recognized speakers. InfoSec offers two industry-recognized keynote speakers, panel discussions and multiple breakout sessions focusing on technical and management issues, as well as healthcare and other industry regulations in the security industry.

The Southeast’s leading security conference now in its twelfth year. InfoSec brings technologists and security professionals for a full day of exciting speakers and networking opportunities.

GrrCON – Midwest InfoSec & Hacker Conference

Date:September 16, 2011
Location: Grand Rapids, MI – Devos Place, 303 Monroe Ave. NW, Grand Rapids, MI 49503
Cost: $75 – Early Registration, $95 – Normal Registration
Discount to ISSA Members: $5 off registration
Coupon Code: issa_UAH3SN2

A Premier Midwest Information Security and Hacker Conference. This conference is targeted to information security professionals, privacy and compliance professionals, hackers, students, security researchers, industry leaders, and those responsible for organizational information security and compliance decision making. The conference will be featuring innovative and timely tracks covering many areas of information security, compliance, and privacy. The conference will concentrate on key topics related to information security with presentations provided by recognized subject matter experts and includes exhibits by some of the nation's leading organizations.

Click Here for additional details on the event and to register.

Sponsorship opportunities are available by emailing sponsor@grrcon.org

Central Ohio ISSA Golf Outing – Muirfield Village Country Club Central Ohio ISSA Golf Outing

Date: September 26, 2011
Time: 10:30 AM registration
Location: Muirfield Village Country Club Dublin, Ohio
Cost: $99.00
Cost to ISSA Members: $45.00

To register or for more information http://www.centralohioissa.org/

If you have participated in this event in past years, you will know that it is a fun event for any level of golf enthusiast. The Central Ohio ISSA Board has decided to bring back this event this fall for your enjoyment. Expect a fun filled round of golf, including a box lunch, two drink tickets for each registered player (cash after that) and a reception and awards ceremony following the round of golf.ISSA members will be required to show proof of membership when registering to receive a member discount.

ISSA Hawaii Chapter Hosts: Discover Security Conference 2011 – Sink or Swim: Security as a part of Enterprise Survival

Date(s): October 12-13, 2011
Time: 8 AM-5 PM
Location: Hale Koa Hotel – Honolulu, Hawaii
Cost: $70 for non-members
Discount to ISSA Members: $35 for members

Sink or Swim! Whether your enterprise requires a traditional data center, a virtual infrastructure for private cloud, a public cloud architecture, or somewhere in between you still need to worry about security, disaster recovery, compliance, performance, and availability. And, of course, all of this needs to be done with a limited budget.

Many presentations will touch base on these topics and more:

Cloud based Security offerings
Intrusion Prevention Systems
Green IT
Disaster Recovery
Physical Security
Compliance/Auditing
Application Whitelisting
Securing Mobile Devices
Secure remote access
Behavior and Reputation Based Desktop Security

Click here to register and for more information: http://www.issahawaii.org/

Vendors can contact Roland Yee by emailing roland.yee@tig.com or call 808.368.2533

Raleigh NC Chapter Hosts: 2011 Triangle InfoSeCon

Date: Thursday, October 20, 2011
Location: The McKimmon Center, NC State University, Raleigh NC
Cost: $35 for ISSA Members, $45 for Sister Professional, government and educational. See Raleigh.issa.org for additional information on registration fees.

The Raleigh ISSA Chapter is pleased to announce the 2011 InfoSeCon. This year's conference features eight different security tracks:

Applications & Development Security
Cloud & Virtualization Security
Data & Endpoint Security
Governance, Risk and Compliance
Pen Testing / System & Network Auditing
Physical Security
Professional Development
Strategy & Architecture;

Other Events Include:

Lightning Talks
Capture the Flag, Lockpick Village, and Gringo Challenge

Keynote speakers include: Tom Limoncelli, Time Management Guru; Lenny Zeltser, Security Practice Diretor, Savvis; and Marc Hoit, Vice Chancellor for IT and CIO NC State University.

And fantastic door prizes.

Click here for registration and more information.

ISSA International Conference

Special Events Held in Conjunction with the ISSA International Conference:

Chapter officers plan on arriving in Baltimore early to attend the Chapter Leaders Summit on October 19*.
CISO Executive members and guests please join us for the 4th Quarter CISO Forum on October 22*, immediately following the International Conference.

*Open to qualified attendees only.

Rochester Security Summit 2011

Date(s): Oct 4 – 5, 2011
Time: 8 AM – 5 PM
Location: Hyatt Regency Rochester
Cost: $150 Standard 2 Day Registration - Early registration discounts of 10%
Discount to ISSA Members: Additional 10% discount with code ISSA-MEMBER-65407

The 6th annual Rochester Security Summit will feature four professional educational tracks: Business Security Track, Application Security Track, Infrastructure Track and the Ethical Hacking Training. After selling out last year with over 200 professionals, we have majorly upgraded our attendee and sponsorship capacity. We are excited to bring you this premiere IT security event for professionals in Upstate/Western NY. We are pleased to have Marcus J. Ranum, CSO of Tenable Network Security, Inc. as our keynote this year along with another great line up of top speakers.

Click here for registration and more information.

ISSA-UK Regional Meeting – Glasgow

Date: November 1, 2011
Time: 3:00 PM - 7:00 PM
Location: Pricewaterhouse Coopers LLP 141 Bothwell Street Glasgow G2 7EQ Scotland United Kingdom

Free event and is open to ISSA members only.

Industry Events

SecureWorld Expo

St. Louis SecureWorld Expo

September 13-14, 2011
America’s Center
St. Louis, MO

Bay Area SecureWorld Expo

September 21-22, 2011
Santa Clara Convention Center
Santa Clara, CA

Detroit SecureWorld Expo

October 5-6, 2011
Ford Motor Company Conference & Event Center
Dearborn, MI

November 2-3, 2011
Plano Convention Center
Plano, TX