ISSA E-News: July 23, 2009

In this Issue

  1. Enter Now to Become a Security Star
  2. Frederick Curry Joins ISSA International Board
  3. August Web Conference: The Truth about Securing Mobile Devices
  4. Call for Whitepapers
  5. Call for Articles: Special ISSA Journal Issue on Standards
  6. ASIS 2009: September 21-24, 2009, Anaheim, CA
  7. Balancing IT Security Compliance, Complexity and Cost: Featured article in the July Issue of the ISSA Journal
  8. Industry On-Demand Webcasts
  9. ISSA Events
  10. Industry Events

Sponsors

Aveksa

Enterprise role management provides significant benefits for administering access and ensuring compliance. Download: Best Practices for Role Management white paper click here

Enter Now to Become a Security Star

What was your "star moment" as a security professional? Help ISSA chronicle the last 25 years with your most meaningful achievement. Individually and collectively we have established and advanced the knowledge base and practices as the information economy has evolved. Enter our "Security Stars" contest and add your milestone to the continuum. Stories will be selected to be highlighted in the multi-media presentation during the 25th Anniversary celebration, on the ISSA website, in the ISSA Journal and eNews.

Whether you are a relative newcomer to the profession or a noted industry expert, your contributions make a difference. What stands out in your career? What innovation, strategy or breakthroughs solved a challenging problem or influenced others? What inspired you to focus on information security?

Simply describe your star moment in 85 words or less and the impact it had on your career, your organization's business practices or the industry. There is no limitation on the number of times you may enter as long as your star moments are not duplicated. All contestants will be entered into a random drawing for a $100 VISA gift card and each member whose star moment is featured will receive an ISSA shirt.

Contestants must be ISSA members in good standing. All entries must be received by August 15 at 5:00 p.m. US Pacific Daylight time (Midnight GMT) and should be accompanied by a 1.5 x 2 digital photo @ 300 dpi, 450 x 600 pixels in gif, png, or jpg format.

Let your star shine to celebrate what we have accomplished together over the last quarter century. Enter today.

If you have questions, please contact Dana Paulino, 1 866 349 5818 (toll-free within the US), + 206 388 4584 (international), extension 103.

Frederick Curry Joins ISSA International Board

I am very pleased to announce the appointment of Frederick J. Curry, CISM, CISSP, CISA, CGEIT, Central Alabama Chapter and Director of IT Risk Management of Energen Corporation, to fulfill a vacancy on the ISSA International Board of Directors. Mr. Curry brings a wealth of knowledge and management experience from his distinguished 30-year career in information security as a professional and leader during which he has progressively assumed data security roles in the banking, healthcare, manufacturing, oil and gas, and utility industries. Please join me in welcoming him to the ISSA International board and thank him for his volunteer spirit.

Howard A. Schmidt, CISSP, CSSLP
ISSA International President

August Web Conference: The Truth about Securing Mobile Devices

The Truth about Securing Mobile Devices

  • Date: August 11, 2009
  • Start Time: 9am US Pacific / 12 noon US Eastern / 5pm London Time
  • CPE Credit Available

Web Conference Overview:

Mobile devices are becoming more pervasive, and while these devices offer the potential for increased productivity, they also pose many security risks. Join your fellow members as they listen to experts discuss securing mobile devices and what the future holds for mobile computing. Presentations will address questions such as how feasible it is to fully secure mobile devices, as well as data loss prevention and the potential legal ramifications governing mobile computing devices.

Presenters Include:

  • Pete Lindstrom - Spire Security
  • Joe Gow - GuardianEdge
  • Randy Sabett - Sonnenschein Nath & Rosenthal LLP

 

Thank you to GuardianEdge for their generous support of the August ISSA Web Conference

CLICK HERE to register and begin viewing this ISSA Web Conference

Call for Whitepapers

In order to be responsive to emerging threats, technological advancements, and influences within information security, one must tap into the experience and expertise of the professional community. ISSA is soliciting whitepaper submissions by information security professionals that look to inform and educate peers and professionals regarding issues and trends in the industry. Articles are reviewed on the basis of relevance (suitability for readership), timeliness (how in sync content is within an ever changing industry), utility (how directly useful it is), credibility (citations and scholarly awareness), and innovation (how uncommon the topic is).

Evaluation

ISSA Educational Advisory Council (EAC) Whitepaper Committee experts will peer-review all industry whitepapers to ensure and validate the quality, accuracy and relevance. An excellent whitepaper:

  • is relevant to a security practitioner, the chief audience (does include C-level)
  • is related to current trends, technologies and industry issues
  • leans toward practical insights rather than general perspectives
  • is a non-commercial article focused on the informational needs of the reader rather than the benefits of the author's products or services
  • carefully cites sources, resources and exhibits knowledge of the work of industry innovators and experts
  • encompasses subject matter that piques the curiosity of ISSA members/readers
  • caters to an international audience
  • includes diagrams and illustrations

Format

Whitepapers are expected to be 2-6 pages in length. Please include the following:
  • Project Description (including use cases)
  • Relevant or Related Projects
  • Major Technical Considerations
  • People and Organizations (either potential participants or experts that could be consulted for more information)

Submission

Whitepapers are reviewed on an ongoing basis; there are no deadlines. Authors should submit final whitepaper documents HERE as attached files and note the following within the subject line: [EAC Whitepaper Submission: Last Name of first author]. Documents are to be submitted as Microsoft Word documents only and must be accompanied by the ISSA whitepaper copyright release form granting authorization to publish.

For questions or assistance, please contact Jen Huber.

Call for Articles: Special ISSA Journal Issue on Standards

Standards are an integral part of our world. They provide a common, comprehensive framework for defining the security, integrity, availability, governance, and compliance requirements demanded of organizations and their information systems. As such, it is important for security professionals to be aware of current standards, how they are formulated, and how to apply them.

An upcoming issue of the ISSA Journal will be devoted to all aspects of standards. To make that issue as meaningful as possible, we would like to hear from those of you in the trenches who must work with standards on a daily basis. We are interested in formal standards at the national and international level, private industry standards such as PCI, and how to apply and use guidelines such as the U.S. NIST 800 series.

Please submit your articles or questions to the Journal Editor. Our publishing guidelines may be found on the ISSA website in the Journal section.

ASIS 2009: September 21-24, 2009, Anaheim, CA

The ASIS International 55th Annual Seminar and Exhibits is the most comprehensive education and networking event in the security industry - and the leading show dedicated to security. This year ASIS International is partnering with ISSA to offer a track of information security sessions as part of the ASIS 2009 program. To learn more about these 30 high-quality sessions, CLICK HERE.

Discount to ISSA Members: Receive ASIS member pricing. CLICK HERE to register.
(The ISSA branded registration form ensures you receive member pricing before you submit payment.)

See hundreds of leading-edge technologies, products, and services at the ASIS Expo.
FREE Expo Pass registration, CLICK HERE

Balancing IT Security Compliance, Complexity and Cost: Featured article in the July Issue of the ISSA Journal

This month's issue of the ISSA Journal is now available online and features peer-reviewed articles on:

  • Successful Security Control Selection Using NIST SP 800-53
  • ITS Program Management: Talking the Executive Language
  • PAN Encryption: Yes, We Can Standardize Now
  • Performing Hardcopy Risk Assessments for Operational Processes Handling PII
  • Mobile Endpoint Security
  • Data Breach Study Reveals Significant Rise in Targeted Attacks

Balancing IT Security Compliance, Complexity and Cost

By Carlos Valiente, Jr. - ISSA member, Tampa Bay, USA Chapter

The author discusses implementing the International Organization for Standardization ISO 27001, the international practice for information security management.

Organizations today risk customer trust, their reputations, and ultimately shareholder value when they do not address or prevent information security breaches. Many are required by law to comply with a growing number of government and industry-specific controls designed to safeguard the confidentiality, integrity, and availability of IT systems from information security breaches. One strategy to consider is implementing the International Organization for Standardization ISO 27001, the international practice for information security management.

Companies struggle to protect intellectual property and other sensitive information as they often lack the visibility needed to define effective access policies that help mitigate risk. IT departments bear one of the heaviest burdens in compiling the data required by auditors, as their responsibilities include the documentation of procedures for security policy, compliance controls, and risk management processes. For many organizations, this is a key point of failure both before and during an audit, which inevitably leads to increasing the cost of audit-related fees.

The reality, however, is that security breaches will continue to occur and the problem is not getting any easier to solve. The exponential growth of information breaches, the level of complexity of the infrastructure - network, virtual operating systems, and applications - continues to grow at a fast pace. It is easy to get caught up in reacting to the current symptom or problem that is causing immediate pain, rather than proactively tracing the issue back to its root cause to find a long-term fix that will take the organization to a higher level of overall performance.

To continue reading this and other articles featured in the July ISSA Journal CLICK HERE

If you would like to receive your Journal electronically, just login to the ISSA website and update your member profile.

Industry On-Demand Webcasts

Security Log Management for Compliance

    Sponsored by: CA
The Transformation of Security Organizations into Business Enablers – and How You Can Use the Web to Accelerate This
    Sponsored by: CA
How to Ensure Data Privacy and Security
    Sponsored by: IBM
Identity-Centric DLP: A New Partnership for Data Security
The union of identity management and data loss prevention solutions
    Sponsored by: CA

Security Stimulus - Information Security Budgets & Priorities in a Down Economy

ISSA Events

Tokyo July Chapter Meeting

Tokyo Chapter of ISSA
  • July-29 2009
  • 7:00 p.m. to 9:00 p.m.
  • Seminar Room in Techno Brain Co. Ltd.
  • 12th floor of the Nisseki-Shibuya Bldg.
  • 2-16-1, Shibuya, Shibuya-ku, Tokyo 150-0002
http://www.techno-brain.co.jp/company/map.html
http://www.nrec.co.jp/office/portfolio/x11_ofpo_detail7.html

Cost: Free for ISSA Members; 1,000 yen for non-ISSA members
Discount to ISSA Members: Show the membership card at the registration desk.

For event details and registration CLICK HERE

Raleigh August Chapter Meeting

Raleigh Chapter of ISSA
  • Thursday, August 6, 2009
  • 6:00 p.m.
  • NCSU McKimmon Center

Cost: Guests: $10, ISSA Members: Free

For event details CLICK HERE or RSVP

ISSA 25th Anniversary Celebration

ISSA International
  • Sunday, September 20, 2009
  • 4:30 p.m. US Pacific Time
  • Anaheim, CA, USA

Magnify Your Security - GA ISSA Annual Meeting

Metro Atlanta Chapter of ISSA
  • October 14, 2009
  • Loudermilk Convention Center
  • Atlanta, GA, USA

Cost: ISSA Members - $65.00, Student ISSA Members - $59.00, Non-ISSA Members - $100.00, Student Non-ISSA Members - $75.00
Discount to ISSA Members: $20.00 off of the $65.00 which = $45.00 - ends July 31
Discount Code: 2009earlybirdspecialmember

For event details CLICK HERE

For event registration CLICK HERE

2009 Triangle InfoSeCon

Raleigh Chapter of ISSA
  • Thursday, October 15, 2009
  • 7:30 a.m. to 4:30 p.m.
  • North Carolina St Univ, McKimmon Conference Center
  • Raleigh, NC, USA


Discount to ISSA Members: Early Bird Special, ISSA Member Cost is $30.00

For event registration CLICK HERE

Check us out...Reserve your sponsorship slot or register now!

2009 Triangle InfoSeCon Call for Papers

Raleigh Chapter of ISSA
  • Paper Submission due July 30

Submit your speaking proposal online, CLICK HERE

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.
Anaheim, CA September 19 - 20, 2009
Theme: Cyber Crime
Las Vegas, NV November 12 - 13, 2009
Theme: Looking forward; What the CISO Will Need to Know in The Next Decade

For details on the CISO Forum please visit http://ciso.issa.org.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive-level information security professionals who report directly to the CEO, CFO, or CIO and are responsible for internal security for their organization. Complete membership criteria are available at: http://ciso.issa.org/Membership/Membership-Criteria.html

Industry Events

SECUREWORLD SPOTLIGHT

August 20, 2009

ISSA MEMBERS are offered a $20 discount off the $95 conference pass which includes access to the Conference Sessions, Exhibits, Lunch and 5 CPE credits. Register on-line using code MAISSA.

For event details and registration CLICK HERE

SECUREWORLD EXPO

September 16 - 17, 2009
September 29 - 30, 2009
October 28 - 29, 2009
November 4 - 5, 2009

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS9.

SecureWorld+ Extended Training 2009 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. The SecureWorld+ Pass is only $495 with the special ISSA member discount; register using code ISSNWS9.

For event details and registration CLICK HERE

Zscaler IDC Webcast

  • August 11, 2009
  • Live Online Webcast Event

Cost: Free

For event registration CLICK HERE

Hacker Halted USA 2009

  • September 20 - 24, 2009
  • Hilton Miami Downtown
  • Miami, FL, USA
Cost: $899
Discount to ISSA Members: 10%
Discount Code: HH-SP-ISSA

For event details and registration CLICK HERE

ASIS International 55th Annual Seminar & Exhibits

  • September 21 - 24, 2009
  • Anaheim, CA, USA

Discount to ISSA Members: Receive the ASIS member price
Event details at: www.asisonline.org/ASIS2009

ASIS Keynotes/General Sessions Overview CLICK HERE

Download the Seminar Overview (pdf) CLICK HERE

For ISSA Member discount registration CLICK HERE

Securecon

  • October 4 - 7, 2009
  • JW Marriott Hotel
  • Dubai, UAE

Cost: US$ 2,599.00
Discount to ISSA Members: US$ 1,899.00
Discount Code: A1029ISSA

For event details and registration CLICK HERE

SC World Congress

  • October 13 - 14, 2009
  • Sheraton New York Hotel & Towers
  • New York, NY, USA

Discount to ISSA Members: $200 off the prevailing rate at time of registration (2 day conference pass only) and/or free exhibits admission
Discount Code: ISSA

For event details and registration CLICK HERE

DeepSec In-Depth Security Conference (IDSC)

  • November 17 - 20, 2009
  • The Imperial Riding School Vienna - A Renaissance Hotel
  • Ungargasse 60, Vienna 1030
  • Vienna, Austria

Cost: Conference Early Bird Booking (L)595, Regular Booking (L)645, On-Site Registration (November 19-20) (L)695; workshops Early Bird Booking (L)1295, Regular Booking (L)1495, On-Site Registration (November 17) (L)1695; package conference + workshops Early Bird Booking (L)1595, Regular Booking (L)1795, On-Site Registration (November 17) (L)1995
Discount to ISSA Members: 20%
Discount Code: issa-Xieph9

For event details and registration CLICK HERE

International Conference on Cloud Computing and Virtualization 2009

  • November 25 - 26, 2009
  • Suntec International Convention and Exhibition Centre
  • Singapore

Cost: S$1499 (Regular Fee) and S$1299 (Early Bird Fee)
Discount to ISSA Members: 10%
Discount Code: ISSA

For event details and registration CLICK HERE
Or contact Gynn Ho at: + 65 6327 0166, or by Email

CeBIT Security World

  • March 2 - 6, 2010
  • Hannover, Germany

Discount to ISSA Members: Discounts vary according to exhibitors' stand selection (i.e. row/corner booth, raw space/turnkey exhibit package). Hannover Fairs offers a "Newcomer special" for companies that have not exhibited at CeBIT in 2009 - this discount is also available for ISSA members. For 2010, we have reduced our pricing to (starting from) (Euro) 244.00/sqm + (Euro) 300 processing fee (excluding 19% reclaimable German VAT), with no additional fees. (Fee provided above in Euros, since the US Dollar exchange rate is subject to change)

For event details and registration CLICK HERE