Embracing Knowledge
Combining ASIS and (ISC)2 under one roof provides continuous education under one roof
- By Raymond T O’Hara
- Aug 01, 2011
You can have all the best technology the world has to offer, but if you do not have the right people with a proper balance of knowledge, skills, abilities and experience in recognizing changes in cyber attack methods, your organization’s, and your customers’, data are not safe. That is why information security professionals need to be involved constantly with some form of continuing education in the way of industry conferences, seminars, peer groups and certification.
The first (ISC)2 Security Congress, co-located with the ASIS International 57th Annual Seminar and Exhibits, Sept. 19-22 at the Orange County Convention Center in Orlando, Fla., provides just the opportunity.
The events, bringing together experts and topics representing both the traditional and logical sides of security, offer information security professionals a unique opportunity to collaborate with counterparts from across the industry. Professionals can attend any of the 200-plus conference sessions and 22 education tracks, register for the security congress or the annual seminar, visit all of the more than 700 exhibitors (including the (ISC)2 pavilion), and network with peers from around the globe.
Sessions will cover a full range of timely security topics, such as: “Critical Infrastructure Protection and Risk Management,” “Cloud Incident Response,” “The ABCs of Mobile Global Enterprise” and “Impact of Social Networking on Security Threats.” The ASIS Information Security Technology Council will deliver seven sessions on topics related to cloud computing, information security and cyber security. Sessions include: “Forensics and EDiscovery,” “Legal and Compliance Aspects of I.T.” and “Current Trends in Identification and Access Management.”
“The roles of the information security and traditional security professionals within the global business marketplace are rapidly evolving, converging,” said ASIS President-elect Eduard Emde. “By co-locating our annual events, our combined memberships of more than 100,000 professionals gain access to core knowledge and best practices across the full spectrum of information and traditional security. The opportunity to connect with one’s security counterpart and to build a solid practitioner network is one of the most valuable benefits to be derived from this relationship.”
Attendees will have an opportunity to prepare for professional certification in the days preceding the events in Orlando. ASIS certification reviews will be offered Sept. 16-17 for the Certified Protection Professional, Professional Certified Investigator and Physical Security Professional examinations. On Sept. 17-18, a series of (ISC)2 credential clinics are scheduled—CISSP, CSSLP, CAP and SSCP—as well as an official two-day review seminar for both CSSLP and CISSP.
The (ISC)2 2011 Global Information Security Workforce Study indicated that security education and certifications play a vital role in an information security professional’s continuing education. Threats and attacks against information systems are at an all-time high, and information security professionals need to be looking constantly for ways to improve their skill sets to battle the ever-changing attacks of cyberciminals. According to Verizon’s fourth annual Data Breach Investigation Report, 96 percent of breaches were avoidable through simple or intermediate controls. Security is not only about the technology, it is about having people with the right credentials and experience.
“The threat landscape is full of surprises,” said W. Hord Tipton, (ISC)2 executive director. “When breaches resulting from physical security vulnerabilities double twice in two years, the information security community must collaborate with the physical security community so we can present a unified front to combat these dynamic challenges. Co-locating our events opens and facilitates that critical dialogue.”
Dialogue among professionals is certainly the first line of defense, but it’s not easy to know where to go from there. Convergence of the two disciplines is not as simple as merging physical and information security functions on an organizational chart. Inspiration on approaches to collaboration is something else conference attendees can expect to walk away with.
“Recognizing that information security is a facet of security management, ASIS and its Information Technology Security Council, has been working closely with (ISC)2 and its members to create large-scale, global opportunities to meet advancing security requirements,” said Shayne Bates, chair of the ASIS Information Technology Security Council. “Having the (ISC)2 Security Congress and the ASIS Annual Seminar and Exhibits together under one roof is extraordinary and sets the stage for valuable exchanges of new knowledge.”
Small and large organizations alike should require their security management to attend events on the scale of ASIS 2011 and the (ISC)2 Security Congress, where they will receive information from educational sessions, career-enhancing programs. Additionally, they will have the opportunity to connect face-to-face with peers from diverse backgrounds and interest and share experiences, brainstorm solutions and exchange ideas, as well as pursue certifications and other career development tools. This venue will provide the knowledge and education to keep attendees abreast of new technologies, policies, processes and skills to effectively mitigate risk.
With cyber attacks ever present, it is imperative that education bodies such as (ISC)2 and ASIS work together to develop highquality programs for the broader security community to distinguish and validate a highly qualified workforce.
This article originally appeared in the August 2011 issue of Network-Centric Security.
About the Author
Raymond T. O’Hara, CPP, is the 2011 president of ASIS International.