ISSA E-News

A bi-weekly publication from the ISSA International Board

April 19, 2007

Sponsored By: TRISC 2007

Industry Leaders to Examine the True Amalgamation of Security Disciplines at the Texas Regional Infrastructure Security Conference, “Beyond Convergence”

Join some of the country's leading application developers, auditors, compliance officers, contingency planners, database administrators, facility managers, IT and physical security professionals and systems and network administrators for this must-attend conference. TRISC will kick off with an invitation-only Security Executive Forum for CISOs, CSOs and Directors of Security and will then officially begin on Tuesday, May 15 with an opening session keynote and breakout sessions in compliance / audit, physical security, infrastructure, information security, forensics and SCADA security. The conference will conclude on Thursday, May 17 with breakouts and workshops on certification.

The 2007 TRISC theme, “Beyond Convergence,” was developed from the recognition that after the data and phone networks, business and SCADA networks and the physical and information security systems and/or organizations converge, the security and audit functions must manage the infrastructure, and regulatory and compliance requirements must be met in order to protect the assets of the organization, which include personal safety and data, intellectual property and physical assets.

For more information and to register, visit www.trisc.org.

In this Issue

  1. April ISSA Journal highlights compliance issues
  2. Board Update
  3. IT360° Conference & Expo 2007
  4. SecureWorld Expo 2007

April ISSA Journal highlights compliance issues

Information Security: Identifying the Right Standard for Your Organization

By Richard Connelly

It is said that information is the life-blood of a company and therefore needs to be protected at all times. How then do you decide what level of protection to give to each piece of information? Set the protection too high and some information will not be available to those that require it. Set it too low and some information that should remain confidential will not be so.

ISO 2700X: A Cornerstone to True Security

By Jonathan Gossels & Richard Mackey, Jr.

A brief look at ISO 27001 and ISO 27002, addressing the thorny issue of certification versus compliance - most organizations will find compliance with ISO 27002 rather than certification to ISO 27001 to be the preferred approach.

The April issue is now available as a PDF download for ISSA members (website account required).

Board Update

From ISSA President Howard Schmidt's letter in the April ISSA Journal

The international board has recently made a decision in conforming with our bylaws that specify four named positions – President, Vice President, Secretary/Director of Operations and Treasurer – with the remaining board positions titled as “Board of Director Member” without any specification as to duties and responsibilities. One reason for this decision would be to generate greater interest in serving on the board from members who have the strategic knowledge and operational expertise to help guide our organization, but who may not be interested in being the specific director responsible for a specific area – web development, marketing, etc. With this change we hope to recruit experienced candidates to serve as directors from around the world.

Secondly, it is our goal to make the international board’s focus more strategic and less operational. The plan is to move much of the operational functioning currently performed by volunteers to paid full-time staff. Our volunteers have only so much time to offer – jobs and family require a lot of time, and rightly so. This move will give us the ability to have better focus, better accountability, and better service. Our board volunteers will not be spending their precious time on ISSA operational business but on the strategic direction of our organization. Therefore, I encourage all our members during this election cycle to look at the positions that are open and seek nomination. If you have an interest in helping continue the growth and good work of ISSA, get with your chapter, look at the revised guidelines, and consider running for one of these very important positions. Dave Cullinane, our most recent past president, chairs the election committee and will be updating you with the revised guidelines.

An update on election positions and guidelines will be released shortly; please watch E-News and the ISSA Journal for more information.

IT360° Conference & Expo 2007

  • April 30 – May 2, 2007
  • Metro Toronto Convention Centre – Toronto, ON, Canada

IT360° is the leading Canadian conference and exposition that provides Information Technology professionals with a unique all-encompassing IT experience. IT360° focuses on the four key industry pillars: Network, Linux/Open Source, Security and Storage. These pillars are our “worlds”: NetworkWorld, LinuxWorld (including Smalltalk Solutions and Asterisk Open Source Telephony), SecurityITWorld and DataStorageWorld. IT360° addresses the critical issues facing the industry while providing realistic strategies to enable the implementation of the best and most cost-efficient solutions.

ISSA Members receive a 25% discount – use code A101 when pre-registering!

http://www.it360.ca/

SecureWorld Expo 2007

The 2007 SecureWorld series continues this spring with the Chicago, Atlanta, and Philadelphia events in April and May.

ISSA MEMBERS Register Today with code ISSNWS2 and get your Two Day Conference Pass for Only $115 - You save $80 off the $195 conference fee!
Register at https://www.secureworldexpo.com/

INTRODUCING THE NEW SECUREWORLD+ EXTENDED TRAINING

With the SecureWorld+ Pass, you get an additional 6 hours of intense training worth 16 CPE credits and full access to the complete SecureWorld program which includes all conference sessions, lunch each day, conference reception, keynotes and exhibits.

ISSA MEMBERS Register Today for the NEW SecureWorld+ Extended Training for only $495! Use code ISSNWS3 and you save $100 off the $595 fee!
Register at https://www.secureworldexpo.com/

SecureWorld+ Topics Include:

  • How To Complete A Risk Assessment In 5 Days Or Less
  • Crack The Case – Hands-On Computer Forensics Training
  • ISO 17799 Self Assessment Process
  • Security Metrics Workshop

Don’t miss SecureWorld 2007!

BOSTON · March 14 - 15
CHICAGO · April 24 - 25
ATLANTA · May 1 - 2
PHILADELPHIA · May 16 - 17
DALLAS · September 19 - 20
DETROIT · October 9 - 10
SEATTLE · October 30 - 31
SAN FRANCISCO · November 14 - 15