Print Page   |   Contact Us   |   Sign In   |   Register
ISSA Journal Call for Articles


The ISSA Editorial Advisory Board seeks article submissions from information security professionals throughout the industry. Security experts in the enterprise, academia, and government are encouraged to share their expertise to the advancement of our industry. ISSA members and non-members are welcome to contribute. Please submit articles to the ISSA Journal Editor and review in advance the Editorial Guidelines. Include the copyright release and submission checklist with your article. Note that accepted articles may be eligible for CPE credits.

We occasionally revisit past topics for inclusion when space permits: see below.

The Open Forum

The Open Forum is a vehicle for individuals to provide opinions or commentaries on infosec ideas, technologies, strategies, legislation, standards, and other topics of interest to the ISSA community. Open Forum articles are not intended for reporting news; they must provide insight, opinion, or commentary to initiate a dialog as to be expected from an editorial. The views expressed in this column are the author’s and do not reflect the position of the ISSA, the ISSA Journal, or the Editorial Advisory Board. Columns should be 800 words maximum and include a title, a short bio, and a photo.


May: The Cloud

The cloud has many different forms, but typically we describe cloud services as public, private, and hybrid. It is almost universally accepted that the security of data, along with the underlying system and network components, is a work in progress. There are both technical as well as legal, regulatory, and governance aspects to the data protection models we strive to achieve. Add to this the use of different virtualization techniques that underly the different cloud forms and the design, architecture, deployment, and management of a cloud becomes very complex. We are looking for your input, ideas, experience, and observations as to what works, what doesn't, what standards should be applied, and what considerations should a security practitioner keep in mind when deploying a cloud. Avoiding the cloud is not the answer, so what practical solutions do you have to meet the business requirements?

Articles Due: NOW

June: Big Data/Machine Learning/Adaptive Systems

Artificial intelligence (AI), machine learning, predictive analytics are the latest buzzwords in information security; in particular, in the areas anti-virus and threat detection. Clearly threats are becoming more sophisticated and as their offensive capabilities increase we must look for ways to address and counter those. It is possible that new methods based upon AI, deep learning and analytics may be incorporated into adaptive controls and countermeasures that can better address the more complex threat environment we now face. Can these techniques help? The ISSA Journal is looking for your thoughts in this area.

Articles Due: 4/2/17

July: Cybersecurity in World Politics

The highest level politicians and bureaucrats have had great difficulties from mixing personal and state secret email, failed security, and hacked communication systems. This has elevated cybersecurity to new heights of international political attention. Should we praise or condemn whistleblowers like Snowdon or Assange? Should ISSA welcome information security professionals from Russia, China, or North Korea into membership? How do international political cybersecurity events affects us? What must we do and what roles must we attempt to play in these world-shaking issues?

Articles Due: 5/22/17

August: Disruptive Technologies

Waves of disruptive technologies continually threaten to sweep away existing business landscapes. Blockchain, tokenization, 5G networks, quantum cryptography, smart cars, and the Internet of Things (IoT) are names of just a few. All promise the disintermediation of our competitors, and offer us unlimited new opportunities if only we become early adopters willing to accept the risks. This issue of the Journal seeks articles on the security threats and vulnerabilities of all things disruptive, and solutions that can help us to embrace the coming new technology waves and manage the risks.

Articles Due: 6/22/17

September: Health Care

Healthcare is one area of particular focus for information security practitioners as there are very specific security, privacy and technological issues and mandates one must deal with. These also vary by jurisdiction. There are also many tools security professionals can use in this space that allow for a relatively consistent application of controls. We are looking for your thoughts and ideas on information security in the healthcare space.

Articles Due: 7/22/17

October: Addressing Malware

For almost as long as there have been computing platforms in use, there have been inherent threats associated with them. One of the most prevalent is malicious software. From the Cascade and Brian viruses to the XcodeGhost exploit, malware has been an inevitable part of the computing landscape. As technology matured and became more sophisticated, so did the malware variations and the damage it has caused to millions of computers around the world. This month's issue of the ISSA Journal will explore the types of malicious software in the wild and how it has evolved as well as the techniques used by cyber-security professionals to mitigate the risks posed by it.

Articles Due: 8/22/17

November: Cryptography & Quantum Computing

Quantum computing offers great promise, the potential for us to solve problems that were not feasible to solve on classical computers. But there's a downside to this promise. In the quantum computer future, attackers will enjoy improved cryptanalysis capabilities. These improvements will make some of our existing cryptographic security controls more vulnerable to attack and make it much harder to defend our systems. This issue of the Journal seeks articles that can help security professionals navigate the quantum future. Topics of interest include, but are not limited to, Quantum Computers, Quantum Random Number Generators (QRNG), standardization activities, Quantum Safe Computing, and Quantum Cryptography (e.g., Lattice-based unique key exchange, McEliece code-based encryption, Leighton-Micali signatures, etc.).

Articles Due: 9/22/17

December: Social Media, Gaming, and Security

Based on 2016 statistics, 155 million Americans play online games regularly and 78 percent of the population has a social networking profile. With staggering numbers like this, these industries will probably thrive for the foreseeable future. Being interconnected with others in the community and around the world through these vehicles can be exciting but also poses numerous risks such as predators, addiction, identity theft, malware intrusion, and social engineering. These issues require both the vendors and consumers to become more vigilant to effectively protect themselves. Furthermore, tackling them can be complicated and time consuming and will inevitably impact this landscape. What research, experience, or best practices do you have to share in this area? The ISSA Journal is interested in hearing from you.

Articles Due: 10/22/17


Past Topics

April: New Technologies in Security

March: Internet of Things

February: Legal, Privacy, Regulation, Ethics

December: Security Architecture

November: Practical Application and Use of Cryptography

October: Cybersecurity Careers & Guidance

September: Payment Security

August: Internet of Things

July: Social Media Impact

June: Legal, Privacy, Regulation

May: Breach Reports - Compare/Contrast

April: Malware Threat Evolution

March: Mobile Apps

February: Big Data / Data Mining & Analytics

January: Securing the Cloud

November: Social Media and Security

October: Infosec Career Path

September: Academia and Research

August: Privacy

July: Malware and How to Deal with It?

June: The Internet of Things

May: Infosec Tools

April: Security Architecture / Security Management

March: Physical Security

February: The State of Cybersecurity

January: Legal and Regulatory Issues

November: Cyber Security / Cyber Defense

October: Data Protection Strategies and Controls

September: History of Information Security

August: Big Data: Use and Security Ramifications

July: Practical Use of Infosec Tools

June: Identity Management

May: Healthcare Threats and Controls

Community Search
Sign In


International Web Conference - Evolution of Cryptography

ISSA Pre-Professional Virtual Meet-Up: Navigating Different Career Paths into the Profession

Boise ISSA 2017 InfoSec Conference


5/3/2017 » 5/4/2017
Counter Terror Expo

Copyright © 2016, Information Systems Security Association, All Rights Reserved
Privacy PolicyCopyright Information