Monday, October 13, 2014

2014 ISSA International Conference

On October 22-23 in Orlando, ISSA (International System Security Association) iholding their 2014 International Conference.  I am attending, and this will be my first time at this event.  Also, as I'm the Secretary of our local chapter, am going to be up there on the 21st for the Chapter Leader's Summit.

I plan to report here on my impressions of the event.

Hope I see some of you there.




Friday, October 10, 2014

ITpalooza 2014

Here in my local area, we have an event aimed at IT people during the holidays called ITpalooza.  Now in it's third year, this event aims to bring together the various user groups and professional associations, along with vendors and recruiters, and have various speakers.

ITpalooza 2014 will be held December 4th at Nova Southeastern University.  It runs all day, with speakers, training, fun stuff and more.

Check out the website.  The event is FREE.


Thursday, October 9, 2014

ISACA's new Cybersecurity Nexus

ISACA, the professional association for those involved in IT Audit and Controls, has decided to move into the realm of "cybersecurity" with their Cybersecurity Nexus (CSX).

I've been a member off and on for several years, but for me the group was about IT audits and IT control, such as COBIT.  I joined other organizations for cybersecurity, such as ISSA, and SANS.  I don't know why ISACA feels they need to move into that area, it's not like there is a need for yet another group involved here.

Further, as part of this, they've created a new entry level certificate, Cybersecurity Fundamentals.  This is meant for those just getting into cybersecurity.  It has no experience requirements, nor does it expire.  For me, certificates that don't require experience or don't expire are not as valuable as those which do.  And unlike ISACA's other certifications, this one is taken on-line on-demand.

I'm one of those people who doesn't see the value in duplicating effort.  I feel they are duplicating effort that is already being done by other organizations (ISSA, ISC(2), SANS, etc).  I'd rather see them partner with an existing group then move beyond their "core purpose".

Any other thoughts?


Wednesday, October 8, 2014

October is National Cyber Security Awareness Month 2014

For those not aware, October is National Cyber Security Awareness Month.

"NCSAM is designed to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident. October 2014 marks the 11th annual National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance (NCSA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC)."

Now, locally, Nova Southeastern University's Graduate School of Computer and Information Sciences is hosting a series of events that tie in with NSCAM.

Among their public events are:

* September 30- FBI Special Presentation on "Cyber Security Threats and Trends"
* October 22- DHS Special Presentation on Cybersecurity: A Shared Responsibility

In addition, they have had other events for selected groups, like high school students and college students.

What is happening locally for you??


I'm back!

After too long, am back to posting new items to my blog.

There are several items I am working on.  Here are some:

* further postings on the 20 books.

* Android security

* Security frameworks, such as NIST Cybersecurity Framework

* recent breaches

* the security skillset issue

* upcoming events

and more