
ISSA E-News

A bi-weekly publication from the ISSA International Board

February 23, 2006

Hot Topic - Call for Nominations For The ISSA International Board Of Directors

Notice to all ISSA chapters

This is a request for nominations for six positions on the ISSA International Board:

  • President
  • Vice President of Education
  • Vice President of International Relations and Development
  • Vice President of Vendor Relations
  • Vice President of Marketing
  • Vice President of CISO Programs

Requirements

Each nomination must be accompanied by the following information:

  • Statement of Nomination from the member's chapter
  • Member in Good Standing
  • Statement of Goals to Achieve in this position
  • Statement of Commitment form
  • Biography
  • Picture

The biography will inform members of past work experience, other organizations the candidate belongs to, and what contributions were made to ISSA.

The Statement of Commitment form must be completed to ensure the candidate's employer approves of this commitment.

The form is attached here and can also be found in the References section of the File Library, http://www.issa.org/cgi/library.cgi?library=References&file_index=0, under the title "BoardCommitmentForm11.10pdf".

Forms should be faxed to 414-768-8001 or 414-768-8030.

  • Please e-mail all information to the Chairman of the Nominations Committee, William Tompkins, at electionchair@issa.org.
  • All nominations must be received by April 16, 2006.
  • All email sent to "electionchair@issa.org" should receive a reply message saying, "Thank you for your submission."

If you haven't received a confirmation message from the Election Chair by April 16, 2006, please contact ISSA Headquarters at 414-908-4949 x12.

Sponsored By

Free Security Compliance Reality Check

Run a quick check of your IT security compliance for specific regulations with this FREE Compliance Assessment Tool. You'll get a "compliance score" as an example of how Symantec solutions can help you monitor and report on compliance, all through a single compliance architecture for managing multiple regulations. Download now!

ISSA Webcasts

Email Security Strategies - What to Plan for in 2006
Sponsored By Mirapoint
Presented by Arabella Hallawell, Gartner Research & Bethany Mayer, Mirapoint

Do you have your email security plan in place for 2006? Next year IT will face new, even more potentially damaging email security threats and compliance challenges. Featured speaker Arabella Hallawell, Research VP at Gartner, will offer her thoughts on what technology you can apply to assure that your network is protected from never-before-seen attacks. Email is a mission-critical application – touching all aspects of business communications. Make sure that you are ready for 2006 with the right email security technology choices.
Know what to expect and how to prepare for 2006. Topics will include:

  • Combat worms, viruses and malware
  • Fighting Spam
  • The right network architecture to fight threats
  • Connection management
  • New technologies you should consider soon
  • And much more...

This Webcast is available On Demand [View Webcast]

Managing Multiple Regulations: Take the Fast Track from Complexity to Compliance

Sponsored By Symantec Corporation
Presented by David E. Smith, Symantec Corporation

The growing importance of information technology and the transition of personal records into digital formats have made privacy and information security critical issues. But corporations are being bogged down in the quagmire of regulations which leaves them struggling to meet complex challenges and manage the high cost of security compliance. Acting as a "hidden tax on profits," regulatory audits are rededicating resources to meet these compliance objectives. This resource drain is beginning to directly impact the corporate bottom line and affect the ability to do business.

Join us for this look at how organizations are pulling out of the quagmire and getting onto the fast track to compliance by:

  • Conducting regular audits more efficiently so they can reallocate IT resources to more important pursuits
  • Coordinating security requirements from multiple regulations to eliminate costly redundancies and unnecessary controls
  • Mapping controls to performance results to demonstrate improvement and implement a sustainable, auditable compliance posture

About the Speaker: David E. Smith serves as a senior compliance analyst with Symantec, formerly BindView Corporation, working on the company's RAZOR Research Team. Smith has worked in information security for Fortune 500 companies for the last 8 years. Prior to joining BindView, he focused on information security, compliance strategy and program implementation for AEGON's North American companies, including Western Reserve Life, IDEX Mutual Funds and Transamerica. During his tenure, he helped coordinate the information security compliance programs for all of AEGON's North American operations. Smith is a Certified Information Systems Security Professional (CISSP) and holds a professional certificate in Computer Forensics from Oregon State University.

This Webcast is available On Demand [View Webcast]

Building A Secure LAN
Presented By: Lloyd Hession, BT Radianz & Michelle McLean, ConSentry Networks
Sponsored By: ConSentry Networks

This webcast features Lloyd Hession, CISO of BT Radianz, discussing his LAN security issues and his recommendations for best practices. He'll discuss his tips for deploying NAC (Network Admission Control), gaining LAN visibility, applying access controls to users, and protecting the business from threats such as worms. He'll also discuss a LAN security platform that he's successfully deployed.

This Webcast will be available On Demand March 9, 2006

Sponsored By

Free Subscriptions To Industry Leading Publications!

As a valued member of the Information Systems Security Association, we would like to inform you that we have partnered with Tradepub.com to provide you with free subscriptions to industry leading publications. Each publication is absolutely free and there is no purchase necessary. Publications are ABSOLUTELY FREE to those who qualify!

Browse from the extensive list of over 300 titles currently offered and be sure to check back often as we will be adding new titles over the coming weeks and months. Click here to subscribe for free!

NEW! The ISSA Learning Center is Open

ISSA University-SiegeWorks University

ISSA and SiegeWorks are pleased to announce high quality, on demand security education and training courses exclusively for ISSA members!

Local Chapters decide which courses they would like to sponsor for their membership, arrange for the venue and promote the course locally. SiegeWorks University trainers provide onsite training and Train the Trainer sessions for Chapters who request it.

Industry leading trainers, security luminaries as guest lecturers and top-quality materials!

Course Number   Course Description                   Number of Days   Notes
IS1100          CISSP Preparation                    5                No Test
IS1110          SSCP Preparation                     5                No Test
IS1201          Wireless Security                    5                Lab
IS1301          Principles of Security               5                Lab
IS1302          Advanced Security Concepts           5                Lab
IS1401          Practical Penetration Testing        5                Lab
IS1402          Building and Operating a Snort IDS   3                Lab
IS1403          Computer Forensics                   5                Lab
IS1501          Web Application                      2                Lab
IS1801          Policy Writing                       3                None
IS1802          Incident Response                    3                None
CS1901          Sarbanes-Oxley Compliance            2                None
CS1902          SB-1386 Compliance                   2                None

Interested? Contact your local Chapter President or Education Coordinator to sponsor an ISSA SiegeWorks University course for your local members!

Click here to request more information.

Trusted Learning's ISSA Learning Center

ISSA is working with Interpact, the Security Awareness Company, to provide low-cost end-user training on a variety of topics, ranging from Security Awareness 101 to Identity Theft. Individuals can purchase courses, or member organizations can open their own private learning centers and choose from a menu of existing courseware or upload proprietary training courses for their employees or customers.

Visit the ISSA homepage and click the link for the ISSA Learning Center, enter the access code (sa101cEn), register as a student, purchase the courses, and begin taking them immediately. Here is a list of the courses available today:

  • Why Security Awareness? - FREE: An overview of the need for Computer Security Awareness. This is targeted toward managers and executives who need the basics or a current update.
  • Internet and Computer Ethics for Kids - $3: This course is based upon Winn Schwartau's hit book by the same name. We teach our kids how to use computers, but not about when and what to do with them. What is right and what is wrong? Parents are too often clueless - the kids know more. What do we do? This course.
  • SA101 Humorous 2005 - $5: This is a short, non-technical 60-minute overview of Security Awareness - with an emphasis on keeping students entertained.
  • SA101 Corporate 2005 - $5: This is a short, non-technical 60-minute overview of Security Awareness.
  • Email Safety at Home and Work - $5: Learn how to avoid viruses, worms and spyware trying to get into company and home computers through e-mail, Web sites and IM applications.
  • ID Theft - $5: Learn what your identity information is, where it resides, how it gets exposed, how thieves steal and abuse identities and how to protect your identity information from theft.
  • Social Engineering at Work and Home - $5: There are infinite ways scammers convince us to give over private information on the phone, Internet and in person. Learn how to recognize common techniques and antics of these scammers so you won't fall victim to them.
  • SPYWARE - $5: Learn how Spyware gets onto computers and what it does - like logging keystrokes and bogging down computers and networks. Then learn what you can do about it.
  • Viruses Protection at Work and Home - $5: This course will show employees how viruses and worms spread, the damage they cause, and the steps they should take to protect their work and home computers from getting infected (and how to remove viruses or worms if they do).

Upcoming Conferences & Discounts

TRISC, Texas Regional Infrastructure Security Conference, 2006 Conference - Houston, TX

  • May 15 - 17
  • Sharing Experience and Knowledge to Strengthen Security

Conference Objectives: Provide an annual educational and networking event that will enhance the knowledge, skill, and professional growth of the conference alliance members and other attendees. TRISC involves individuals in: national, state or local governments; institutions of higher education; private and public businesses. The conference offers attendees a unique forum for the discussion of topics that are of mutual interest to security professionals in the areas of information, infrastructure, and facilities.

Tracks

  • Law & Forensics
  • Cyber Security
  • Business Continuity & Disaster Recovery
  • Risk / Security Management
  • Infrastructure Protection/SCADA
  • Physical Security

Registration Fees (Early Registration, After April 15)

  • Members – $299.00, $399.00
  • First Responders – $3200, $4200
  • Non Members – $399.00, $499.00

For information on registration, exhibits, and sponsorships, contact:

TRISC 2006
c/o Swift Solutions
8701 Bluffstone, #2308
Austin, Texas 78759
Phone (toll-free): (877) 451-8700
Fax: (866) 498-6527
Email: debswift@swift-solutions.org

For on-line information and updates, visit: http://www.trisc.org/
Hyatt Regency Hotel: http://www.houstonregency.hyatt.com
(Ask for special TRISC attendee rates)

Information Security Professionals - earn your NSA certifications. Training so good, we teach the competition!

There's only ONE WAY to get your NSA certifications, and that's by attending an NSA sponsored IAM/IEM course. Learn the NSA way of assessing your organization's security posture and conducting security evaluations of networks utilizing hands-on methodologies. ISSA members receive discounts up to $500! *U.S. Citizenship required*

Learn more at: http://www.fountainheadcollege.edu/ia/nsa/

ID Management 2006 Summit & Technology Showcase

March 7-8, 2006
Venue:
Tumbalong Rooms & Foyer,
Sydney Convention & Exhibition Centre,
Darling Drive, Darling Harbour, Sydney NSW 2000

The ID Management Summit 2006 aims at bringing together the users and suppliers of ID management solutions and technology to discuss business and government initiatives, latest trends and developments, large scale deployments, partnerships & alliances, developing standards, new applications, new business opportunities and future direction.

For full conference details and to register, please visit the ID Management 2006 website.

LinuxWorld and NetworkWorld Conference and Expo 2006

April 24-26, 2006
Toronto, Canada

The TWSUG is a supporting association of this event. Featuring the latest in strategic technology, this conference/tradeshow will draw a host of key figures in the IT community, from forward-thinking users to decision-making executives. You can view the conference schedule, presentation abstracts, and more by visiting http://www.lwnwexpo.plumcom.ca.

ISSA and TWSUG members receive a 25% discount on ALL admission packages and free admission to the tradeshow – Just use code A101 when registering.

**Early Bird rates available until March 17th**