News

• Association
• Events
• Surveys
• Press Room
• Award Honorees
• E-News

E-News Archive

• 2010-3-11
• 2010-2-18
• 2010-2-4
• 2010-1-21
• 2010-1-4
• 2009-12-21
• 2009-12-17
• 2009-12-03
• 2009-11-19
• 2009-11-05
• 2009-10-22
• 2009-10-01
• 2009-09-24
• 2009-09-17
• 2009-09-10
• 2009-09-03
• 2009-08-27
• 2009-08-13
• 2009-08-06
• 2009-07-30
• 2009-07-23
• 2009-07-16
• 2009-07-02
• 2009-06-25
• 2009-06-11
• 2009-06-04
• 2009-05-28
• 2009-05-14
• 2009-05-07
• 2009-04-30
• 2009-04-16
• 2009-04-09
• 2009-04-02
• 2009-03-26
• 2009-03-12
• 2009-03-03
• 2009-02-26
• 2009-02-12
• 2009-01-29
• 2009-01-15
• Previous E-News Issues

ISSA E-News: August 27, 2009

In this Issue

1. Celebrating 25 Years - Silver Anniversary Gala
2. Security Stars Shine for the Silver Anniversary
3. Your Organization Can Be a Security Star Too
4. Help Launch ISSA Connect
5. End of the Edge - August ISSA Journal Featured Article
6. ASIS 2009: September 21 - 24, 2009, Anaheim, CA
7. Malware Protection for USB Drive – Peer-Reviewed Whitepaper
8. Academic Edge: Call for Student Papers
9. ISSA Web Conferences
10. Industry Webcasts On-Demand
11. ISSA Events
12. Industry Events

Sponsors

Streamline IT security environments and compliance processes. Read the white paper: The Role of Security Management in Achieving Continuous Compliance

Introducing the World's Only FIPS 140-2 Level 3 USB Flash Drive, with AES 256-bit Hardware Encryption

Celebrating 25 Years – Silver Anniversary Gala

A quarter of a century ago Sandra Lambert and Nancy Woolsey brought together 25 colleagues at Pacific Security Bank in Los Angeles and launched the Information Systems Security Association. The goal was to bring together those working in the emerging field of information security to discuss issues and share solutions. From that first gathering, ISSA has grown to 141 chapters with nearly 10,000 members in 70 countries worldwide.

Join us on September 20th as we celebrate 25 years of excellence and look to a future of continued innovation and accomplishments within information security.

Connect with industry leaders and peers and mingle with the CISO Executive Forum members. Don't miss the multi-media presentation showing the rich history of our great association and the introduction of our newest International Board members.

Mischel Kwon and Martin Roesch - two security visionaries who have served our industry with lifelong achievements - will share their views on "10 Years of Security Breaches and How Security Has Changed" and " Next Generation Security: Today's Challenge".

Several new initiatives - including ISSA Connect, our online community – will be inaugurated in honor of the 25th anniversary. Members who are not able to travel to Anaheim will have the opportunity to celebrate and learn more about these initiatives via a webcast.

CLICK HERE to register to attend and celebrate our Silver Anniversary! Admission is free for ISSA members; non-members and guests are welcome; tickets are $75.

Security Stars Shine for the Silver Anniversary

Congratulations to Joel Weise, Silicon Valley Chapter, winner of the random drawing for the Security Stars Contest. Joel will receive a $100 Visa gift card.

"I'm very proud to say, I am one of the few founding members of the ISSA that continue to participate in the organization. The coolest contribution I have to security is the invention of the Visa multi-application chip card which now sits on millions of Visa credit cards around the world. My second coolest contribution would be the initial development of the PCI security standards which almost all security professionals would recognize (for better or worse)."

Visit the website for a glimpse of your colleagues' proudest career accomplishments. Thanks so much to all who submitted their star moments. Although the contest has ended, we would love to add your star moment to our galaxy on the website. CLICK HERE

If you have questions, please contact Dana Paulino, 1 866 349 5818 (toll-free within the US), +206 388 4584 (international), extension 103.

Your Organization Can Be a Security Star Too

Your company or organization can join a select group of "Security Stars" and highlight its role in the information security community. With a contribution of $2,000, you will not only be supporting the great work of ISSA, you will also be showcased for your role in the advancement of our industry. As a Security Star, you will have the opportunity to feature your organization's most significant security milestone with an 85 word description of a project, innovation or event that had a major influence on professional practices or the community as a whole. These milestones will be posted on the website and as part of our 25th anniversary activities. For more information, please contact Tom Bechtold, 1 866 349 5818 (US), +206 388 4584 (international), extension 101.

Help Launch ISSA Connect

Help develop and launch ISSA Connect - the most exciting ISSA initiative of the year! ISSA Connect is ISSA's members-only collaboration and networking community. ISSA is forming the Connect Council to work with staff and the International Board of Directors to help realize the vision of ISSA Connect by helping develop content, site structure, policies, and serve as early adopters and evangelists to aid in beta testing and to gain initial acceptance.

Connect Council volunteers will take an active role in crafting this exciting new collaboration network. All members of the ISSA Connect Council must be ISSA members in good standing. We are interested in gaining as much representation as possible from a variety of industries, geographic regions and job functions. To volunteer send your contact information, your professional background, ISSA volunteer activities and the goals you would like to achieve as part of the Council to Dana Paulino.

The End of the Edge - August ISSA Journal Featured Article

In the August issue of the ISSA Journal, Richard Walters, member of the UK Chapter of ISSA, discusses the erosion of the network perimeter edge and he addresses possible steps to secure data at and beyond the edge.

De-perimeterization and the virtualized environment may deliver significant operational benefits in terms of access, scalability, and costs. But, given the fragility of current virtual mechanisms, are we guilty of rushing headlong into uncharted waters? Beyond the edge of the enterprise, how do we ensure data is protected? Should we be addressing the problem from the enterprise or the Internet end? Strategic data protection policies, encrypted vaults, cloud computing clean rooms, and Java PCs could hold some of the answers.

Enjoy this and other valuable articles online, to continue reading this or other ISSA Journal articles CLICK HERE (member login required).

ASIS 2009: September 21-24, 2009, Anaheim, CA

The ASIS International 55th Annual Seminar and Exhibits is the most comprehensive education and networking event in the security industry - and the leading show dedicated to security. This year ASIS International is partnering with ISSA to offer a track of information security sessions as part of the ASIS 2009 program. To learn more about these 30 high-quality sessions, CLICK HERE.

Discount to ISSA Members: Receive ASIS member pricing. CLICK HERE to register.
(The ISSA branded registration form ensures you receive member pricing before you submit payment.)

See hundreds of leading-edge technologies, products, and services at the ASIS Expo.
FREE Expo Pass registration, CLICK HERE

Malware Protection for USB Drive - Peer-Reviewed Whitepaper

USB drives are commonly used at the workplace as they offer a convenient means of data transfer and storage. With the ubiquitous use of USB devices, computers and networks in households, enterprises and government agencies have been plagued by viruses, worms and Trojans that have spread via USB drives infected with malware. Employees and consumers, unaware of the malware infection, store and in turn transfer the infected data files and the included malware to another computer. Data leakage and loss in organizations occur mainly due to the almost unregulated use of USB drives across varied environments. Although organizations have policies to ban or restrict the use of USB drives, this leads to a loss in productivity, convenience and business agility. After all, the utility of a "safe" USB drive is about productivity and to transfer and store information quickly and conveniently.

This whitepaper, authored by Hema Krishnamurthy, software architect, Information Assurance Group of ITT Corporation, is the first reviewed by the new Educational Advisory Council's Whitepaper Committee. The goal of the committee is to inform and educate peers and professionals regarding issues and trends in the industry. Members are encouraged to contribute papers that will foster discussion and innovation. You may download this whitepaper HERE. (member account required)

Whitepapers are reviewed on an ongoing basis; there are no deadlines. Authors should submit whitepaper documents HERE, as attached files and must be accompanied by the ISSA whitepaper copyright release form granting authorization to publish. The subject line should read: [EAC Whitepaper Submission: Last Name of first author]. Please submit Microsoft Word documents only. For questions or assistance, please contact Jen Huber.

CLICK HERE for complete Whitepaper submission guidelines.

Academic Edge: Call for Student Papers

In order to be responsive to emerging threats, technological advancements, and influences within information security, one must tap into the experience and expertise of the academic community. Articles by students are being sought for publication in the ISSA Journal. Topics should address research and complementary perspectives on contemporary challenges that face practitioners and the information security industry; and provide an insightful, current, useful and potentially diverse interface between academics and practitioners. Submissions will be reviewed on the basis of relevance (suitability for readership), timeliness (how in sync content is within an ever changing industry), utility (how directly useful it is), credibility (citations and scholarly awareness), and innovation (how uncommon the topic is). Students will receive constructive feedback from industry practitioners on the Educational Advisory Council and the Journal's Editorial Advisory Board.

An excellent paper:

• is relevant to a security practitioner, the chief audience (does include C-level)
• is related to current trends, technologies and industry issues
• leans toward practical insights rather than general perspectives
• carefully cites sources, resources and exhibits knowledge of the work of industry innovators and experts
• encompasses subject matter that piques the curiosity of ISSA members/readers
• caters to an international audience

Format
Student papers are not limited in length; however each article should be accompanied by an abstract of publishable quality of no more than 750 words. The abstract should include:

• Project description (including use cases)
• Relevant or related projects
• Major technical considerations
• People and organizations (either potential participants or experts that could be consulted for more information)

For more information or to submit a paper CLICK HERE

ISSA Web Conferences

September 29: Education Information Security Professionals for the Next Decade

September 29, 2009
Start Time: 9:00 a.m. US Pacific Time (16:00 GMT)

CLICK HERE to register now for this upcoming live event.

The Truth about Securing Mobile Devices

August 11, 2009
Sponsored by: GuardianEdge

Non Repudiation of Data: Maintaining the Integrity of Data and Information

July 14, 2009
Sponsored by: Websense, Inc.

Preparing for Investigation: Forensics and eDiscovery

April 28, 2009
Sponsored by: Google Enterprise

Supporting New Technologies: Cloud Computing and Virtualization

February 17, 2009
Sponsored by: Google Enterprise

Industry On-Demand Webcasts

Role Based Access Governance

August 14, 2009
Sponsored by: Aveksa

CLICK HERE to register and view on-demand.

Webcast Description:
Many corporate IT security professionals still regard roles-based access and identity management as hopelessly complex. Many have experienced difficulty with the roles concept and written it off as a failure. But roles are essential for sound access governance, and the right roles-based approach can actually simplify an IT security manager's job by reducing the complexity associated with identity administration and the burden of achieving compliance objectives while speeding up access delivery for the business. During this webinar we will examine why the first generation of role management failed and share a best practice approach for implementing effective enterprise business roles.

Best Practices in Securing the Mobile Workforce

August 13, 2009
Sponsored by: SonicWALL

CLICK HERE to register and view on-demand.

Webcast Description:
In today's economic climate, increasing employee productivity and reducing infrastructure costs are at the top of every organization's agenda. Enabling employees to access network resources, from wherever they are and from whatever device, is a key strategy for improving productivity and saving money. In addition, the need to allow people to connect from other locations, especially from home, is greater than ever before as we enter a winter faced with the H1N1 global pandemic. As a result, IT is under pressure to deliver remote access to their increasingly mobile workforce, but is stumbling across the limitations of their current IPSec technology. SLL VPN is emerging as a better choice for secure remote access.

ISSA Events

Virginia Beach Joint Meeting – Hampton Roads and Tidewater

ISSA Hampton Roads Chapter of ISSA
Tidewater Chapter of ISSA

• August 31, 2009
• 5:00 p.m. – 9:15 p.m.
• Sheraton Oceanfront
• Virginia Beach, VA, USA

Cost: Free to ISSA Members to attend

For event details and registration CLICK HERE

Recon for Pen Testers: What do the hackers know about you?

Raleigh Chapter of ISSA

• Thursday, September 3, 2009
• NCSU McKimmon Center
• Raleigh, NC, USA

Cost: Guests are $10; Members are Free

For event details and registration CLICK HERE

ISSA 25th Anniversary Celebration

ISSA International

• Sunday, September 20, 2009
• 4:30 p.m. US Pacific Time
• Anaheim, CA, USA

For event details CLICK HERE

For event registration CLICK HERE

The 2009 Verizon Data Breach Investigations Report

NY Metro Chapter of ISSA

• September 24, 2009
• 4:00 p.m. – 7:30 p.m.
• Bank of NY Mellon, 101 Barclay Street
• New York, NY, USA

Cost: Free for members. Non-members $35

For event details and registration CLICK HERE

NAC Deployment on Speed: How (Not) To Do NAC In The NOC

Raleigh Chapter of ISSA

• Thursday, October 1, 2009
• NCSU McKimmon Center
• Raleigh, NC, USA

Cost: Guests are $10; Members: Free

For event details and registration CLICK HERE

7th Annual ISSA Louisville Metro InfoSec Conference

Kentuckiana Chapter of ISSA

• Thursday, October 8, 2009
• 7:30 a.m. – 5:00 p.m.
• Churchill Downs
• Louisville, Kentucky, USA

Cost: $99
Discount to ISSA Members: Save $20 (Cost = $79)

For event details and registration CLICK HERE

Cornerstones of Trust 2009 Conference
"Meeting Security Challenges in Changing Times"

San Francisco Bay Chapter of ISSA
Silicon Valley Chapter of ISSA

• Wednesday, October 14, 2009
• The Crowne Plaza Hotel
• Foster City, CA, USA

Cost: $60 Members, $90 Associate Members, $120 Non-Members if you register on-line, an extra $10 at the door.

For event details and sponsorship opportunities CLICK HERE

ISSA Hawaii 16th Annual Discover Security Conference

Hawaii Chapter of ISSA

• October 14 – 15, 2009
• 8:00 a.m. – 5:30 p.m., registration begins at 7:15am
• Halekoa Hotel, 2055 Kalia Road, Honolulu, HI

Cost: $70
Discount to ISSA Members: $35, must be a current ISSA Member at time of registration

For event details and registrations CLICK HERE

2009 Triangle InfoSeCon

Raleigh Chapter of ISSA

• Thursday, October 15, 2009
• 7:30 a.m. – 4:30 p.m.
• North Carolina St Univ, McKimmon Conference Center
• Raleigh, NC, USA

Cost: ISSA Members - $30.00; Standard Registration - $85.00

For event registration CLICK HERE

Check us out...Reserve your sponsorship slot or register now!

Application Security

St. Louis Chapter of ISSA

• Tuesday, October 20, 2009
• Pujols 5 Restaurant
• 342 Westport Plaza
• St. Louis, MO, USA

Cost: Free to ISSA Members and Guests

For event details and registration CLICK HERE

The 24th Annual 2009 ISSA SoCal Security Symposium

Orange County Chapter of ISSA

• Thursday, October 29, 2009
• Hyatt Regency Long Beach
• Long Beach, CA, USA

Cost: ISSA Members - $75
Non-members - $95

For event details and registration CLICK HERE

Magnify Your Security - GA ISSA Annual Meeting

Metro Atlanta Chapter of ISSA

• Wednesday, November 11, 2009
• Loudermilk Convention Center
• Atlanta, GA, USA

Cost: ISSA Members - $65.00, Student ISSA Members - $59.00, Non-ISSA Members - $100.00, Student Non-ISSA Members - $75.00
Discount Code: 2009earlybirdspecialmember

For event details CLICK HERE

For event registration CLICK HERE

ISSA CISO Executive Forum

*CISO Forum dates and locations are subject to change.

Anaheim, CA	September 19 - 20, 2009 Theme: Cyber Crime
Las Vegas, NV	November 12 - 13, 2009 Theme: Looking forward; What the CISO Will Need to Know in The Next Decade

For details on the CISO Forum please visit http://ciso.issa.org.

*CISO Executive Memberships are subject to approval. Applicants and guests must be executive level information security professionals; reporting directly to the CEO, CFO, CIO, and be responsible for internal security for their organization. Complete membership criteria is available at: http://ciso.issa.org/Membership/Membership-Criteria.html

Industry Events

Zscaler IDC Webcast

Learn from Gartner’s Peter Firstbrook about the challenges and benefits of SaaS Web Security. Then hear a firsthand account from a health care customer who found a Data Leakage issue right after turning on the service. Finally Michael Sutton VP of Research at Zscaler explains why AV signatures are not sufficient and what is needed to protect yourself in a Web 2.0 world.

Cost: Free

CLICK HERE to register and begin viewing

Hacker Halted USA 2009

• September 20 – 25, 2009
• Hilton Miami Downtown
• Miami, FL, USA

Cost: $899
Discount Code: HH-SP-ISSA

For event details and registration CLICK HERE

SECUREWORLD EXPO

September 16 – 17, 2009

• Bay Area SecureWorld
• Santa Clara, CA, USA

September 29 - 30, 2009

• Detroit SecureWorld
• Detroit, MI, USA

October 28 - 29, 2009

• Seattle SecureWorld
• Seattle, WA, USA

November 4 - 5, 2009

• Dallas SecureWorld
• Dallas, TX, USA

ISSA MEMBERS are offered a $100 discount off the $245 conference pass which includes access to the Conference Sessions, Conference Breakfast Keynote, Exhibits & Open Sessions (Includes Lunch) and 12 CPE credits. Register on-line using code ISSNWS9.

SecureWorld+  Extended Training 2009 includes 4+ hours of intense training worth 16 CPE credits and full access to the complete SecureWorld conference program. SecureWorld+ Pass is only $495 with special ISSA member discount, register using code ISSNWS9.

For event details and registration CLICK HERE

Technical Management Program

• September 13 – 18, 2009
• UCLA Covel Commons

Cost: $3,295
Discount to ISSA Members: 15%

For details and registration CLICK HERE

ASIS International 55th Annual Seminar & Exhibits

• September 21 – 24, 2009
• Anaheim, CA, USA

Discount to ISSA Members: Receive the ASIS member price
For ISSA Member discount registration CLICK HERE

ASIS Keynotes/General Sessions Overview CLICK HERE

Download Complete Seminar Overview (pdf) CLICK HERE

Securecon

• October 4 – 7, 2009
• JW Marriott Hotel
• Dubai, UAE

Cost: US$ 2,599.00
Discount to ISSA Members: US$ 1,899.00
Discount Code: A1029ISSA

For event details and registration CLICK HERE

SC World Congress

• October 13 – 14, 2009
• Sheraton New York Hotel & Towers
• New York, NY, USA

Discount to ISSA Members: $200 off the prevailing rate at time of registration (2 day conference pass only) and/or free exhibits admission
Discount Code: ISSA

For event details and registration CLICK HERE

DeepSec In-Depth Security Conference (IDSC)

• November 17 – 20, 2009
• The Imperial Riding School Vienna - A Renaissance Hotel
• Ungargasse 60, Vienna 1030
• Vienna, Austria

Cost: Conference Early Bird Booking (L)595, Regular Booking (L)645, On-Site Registration (November 19-20) (L)695; workshops Early Bird Booking (L)1295, Regular Booking (L)1495, On-Site Registration (November 17) (L)1695; package conference + workshops Early Bird Booking (L)1595, Regular Booking (L)1795, On-Site Registration (November 17) (L)1995
Discount to ISSA Members: 20%
Discount Code: issa-Xieph9

For event details and registration CLICK HERE

International Conference on Cloud Computing and Virtualization 2009

• November 25 – 26, 2009
• Suntec International Convention and Exhibition Centre
• Singapore

Cost: S$1499 (Regular Fee) and S$1299 (Early Bird Fee)
Discount to ISSA Members: 10%
Discount Code: ISSA

For event details and registration CLICK HERE
Or contact Gynn Ho at: + 65 6327 0166, or by Email

GTRA Council Meeting (Including NEW DefenseGOV Program)

• December 6 – 8, 2009
• Bedford Springs, PA, USA

Cost: Government ISSA Members receive special $599 rate
Discount Code: ISSA599

For event details and registration CLICK HERE

American Conference Institute's 9th National Symposium on Privacy & Security of Consumer & Employee Information

• January 27 – 28, 2010
• Washington, D.C., USA

Cost: TBD
Discount to ISSA Members: $200 discount
Discount Code: "ISSA"

CeBIT Security World

• March 2 – 6, 2010
• Hannover, Germany

Discount to ISSA Members: Discounts vary according to exhibitors' stand selection (i.e. row/corner booth, raw space/turnkey exhibit package). Hannover Fairs offers a "Newcomer special" for companies that have not exhibited at CeBIT in 2009 - this discount is also available for ISSA members. For 2010, we have reduced our pricing to (starting from) (Euro) 244.00/sqm + (Euro) 300 processing fee (excluding 19% reclaimable German VAT), with no additional fees. (Fee provided above in Euros, since the US Dollar exchange rate is subject to change)

For event details and registration CLICK HERE