From the President
Andrea Hoy, International President
Happy New Year! Bonne annee’! Szczesliwego Nowego Roku! Feliz año nuevo! Manigong Bagong Taon! Felice Anno Nuovo or Buon anno! Mutlu Yillar! Ein glückliches neues Jahr! Hauoli Makahiki hou! And Shanah tovah u’metuka (שנה טובה ומתוקה) or hopes for a good and sweet year!
From a cybersecurity professional’s perspective, we probably can relate to the differentiation of having a “good” year versus a “happy” one. Many of us remember notable events in 2016 that probably did not make anyone “happy.” Those in our Healthcare SIG might recall cancer-care service provider 21st Century Oncology’s announcement that 2.2 million patients may have had their personal information affected by a breach in October 2015: hackers had access to patient names, Social Security numbers, doctors, diagnosis and treatment information, along with insurance information. Even the loss of one password-protected laptop led to 200,000 patients’ sensitive information being exposed in the Premiere Healthcare case. Maybe it was the Yahoo breach announcements of 500 million accounts being stolen by a state-sponsored actor, then later in December one billion accounts!
Meanwhile it was a “good year” from the perspective of heightened awareness of cybersecurity and privacy issues by the average person on the street. As well, leading companies—and more importantly their boards—have been addressing and providing better protection of sensitive personal and company information.
In 2016, with consumers embracing the Internet of Things, hackers brought us Mirai, causing possibly the largest DDoS attack known to date, delivering 665 Gigabits per second and 143 million packets per second of unwanted traffic via hijacked IoT devices to the Krebs on Security blog.
The increase in regulations, as well as privacy concerns, meant an increase in regulatory compliance, leading many companies to address information security budget increases. In the first six months of 2016, even the US federal government had hired 3,000+ new cybersecurity/IT professionals as part of its first Federal Cybersecurity Workforce Strategy. And the president’s 2017 budget contains a proposed $3.1 billion to overhaul difficult-to-secure systems.
So looking forward, ISSA aims to continue providing timely and thought-provoking information and educational resources. And more importantly, we want to provide the peer/industry networking necessary to give you a global helping hand.
Our global Special Interest Groups (SIGS) are ready to ring in the new year with exciting webinars and meetings. We had two very successful joint events in December, one the IEEE Women in Engineering Internet of Things World Forum, the other with SANS Connect. ISSA members can look forward to more of these events throughout 2017.
For CISOs, our excellent CISO Executive Forum is set up by a committee of your peers and overseen by CISO Executive Forum chair and International director Debbie Christofferson. This year’s with be at RSA; in partnership with the IAPP conference in Washington, DC; at Black Hat in Las Vegas; and the ISSA International Conference in San Diego.
And be sure to join us January 24 for this year’s first ISSA web conference where we discuss more of what to expect in 2017!
To our ISSA members across the globe: have a Happy and Good New Year!