Information Systems Security Association International (ISSA Intl)

The ISSA Editorial Advisory Board seeks article submissions from information security professionals throughout the industry. Security experts in the enterprise, academia, and government are encouraged to share their expertise to the advancement of our industry.

ISSA members and non-members are welcome to contribute.
Note that accepted articles may be eligible for CPE credits.

To learn more about contributing articles and to submit please visit https://www.members.issa.org/page/journal-contribute

New Speaker! Jason Keirstead, VP of Collective Threat Defense at
Cyware will join ISSA Board Director Alex Grohmann at our Aug 30th web conference, "We Have Plenty of Security Tools – Now We Need to Connect the Dots"

Register today! https://www.issa.org/event/we-have-plenty-of-security-tools-now-we-need-to-connect-the-dots/

ISSA International President, Candy Alexander, discusses 30 years in the industry, ISSA, and cyber resiliency with ITPro Today's Brandon Taylor.

Candy will be one of the featured keynote speakers at Cyber Resilience 2023 - a live virtual event, tomorrow, Aug. 24. She will discuss, "Cyber Resilience 2023: How to Keep IT Operations Running No Matter What."

ww.itprotoday.com

We’ve long known that there are far too many threats and security alerts, for overstretched analysts to respond to. But as enterprises have piled on new layers of security, especially during the COVID era, the sheer number of disparate tools is making the problem worse – not better. Recent estimates are that large enterprises average over 100 discreet security tools, many of which don’t play nicely together.

Today’s security challenges are less about detection, than connecting the dots. Register now for our August 30th, "We Have Plenty of Security Tools – Now we Need to Connect the Dots." Cyware's W***y Leichter joins ISSA International Board Director Alex Grohmann to discuss strategies to empower your security team through orchestration, automation, and collaboration tools, to connect systems across platforms, and connect the right people across silos to take intelligence-driven action.

Learning Objectives:
- How to connect people and systems across security silos
- The need to orchestrate disparate security tools
- Strategies for effective automation with humans in the loop
- Integrating collaboration and threat intel sharing across organizations

https://www.issa.org/event/we-have-plenty-of-security-tools-now-we-need-to-connect-the-dots/

RESCHEDULED -
Ensuring access is secure in the digital era is critical, especially with the rise of hybrid workforces, apps migrating to cloud, the sheer number of devices, and the sophistication of cyber threats. How can you ensure that your users, devices, and data are protected no matter where they are or what they access?

Join us August 23rd as Axis Security's Jaye Tillson and ISSA International Board Director Lee Neely Join Betty Burke for, "Solving the secure access challenge for the next decade & beyond with SSE."

In this webinar, you’ll learn why Security Service Edge (SSE) is helping teams achieve secure business access for the next decade and beyond. Discover how SSE can help you:
- Simplify management and reduce complexity by consolidating multiple security functions into a single platform
- Reduce risk and compliance costs by preventing data breaches, malware infections, and over-privileged access
- Enhance performance and user experience by optimizing access to the internet, SaaS, and private applications
- Improve visibility and control by enforcing consistent policies and monitoring user behavior across all edges

Register today! https://www.issa.org/event/solving-the-secure-access-challenge-for-the-next-decade-beyond-with-sse/

Congratulations to the mHACKeroni team, winners of this year's Hack-A-Sat competition at DEFCON and to their professor and advisor, our very own ISSA International Board Director, Stefano Zanero!

The team included members of five Italian cyber research teams and was tasked with hacking an actual live satellite zooming above Earth.

ISSA International's COO and president-elect Dr. Shawn P. Murray was invited to join a U.S. Senate Committee field hearing panel to share his thoughts on protecting small businesses from cyber crimes. Also on the panel were Ms. Gretchen Bliss, Director of Cybersecurity Programs

Cybersecurity Programs Office at the University of Colorado in Colorado Springs; and Mr. Alfred Ortiz, CEO of CSD Cyber. The panel discussed their experiences in the industry with Senator John Hickenlooper and made recommendations on how to support small businesses to become more secure and build their cybersecurity defenses. Kevin Stine, Chief of the Applied Cybersecurity Division at the National Institute of Standards and Technology (NIST) also spoke.

You can watch the full hearing at - https://www.sbc.senate.gov/public/index.cfm/2023/8/cybersecurity-challenges-and-opportunities-for-small-businesses

Dr. Shawn P. Murray, ISSA COO and president-elect, will be testifying before the United States Senate Committee on Small Business and Entrepreneurship “Cybersecurity: Challenges and Opportunities for Small Businesses” Field Hearing today, August 15, at 2:30pm Mountain Time. (4:30 Eastern)

Watch his testimony -

Register to attend remotely:
Registration link: https://www.eventbrite.com/e/us-senate-committee-field-hearing-on-small-business-cybersecurity-tickets-694934597087?aff=oddtdtcreator

Watch Live Stream:
https://www.sbc.senate.gov/public/index.cfm/2023/8/cybersecurity-challenges-and-opportunities-for-small-businesses

The August edition of the ISSA Journal is here!

Read a complimentary copy of this month's featured article, "The New Era of Cybersecurity Sovereignty" by Tim Wallen.

Become a member and enjoy full access along with all ISSA members benefits. issa.org/journal/august-2023/

Please join us in congratulating our 2023 ISSA Senior Members!
- Dr. Nicholas Kovach
- Richard Kidder
- Michael S. Oberlaender
- Michael Currie
- Brandon Leatha
- Richard Ross
- Dr. Michael R. Coultrap DCS
- Pat Pivarnik
- David Arra
- William Jay Carson
- Seth Wilson
- Ravi Monavarty
- April Frost
- Erick L. Herzberg
- Rob Carson
- Michael F. Lehman
- Lorenzo Thweatt
- TuWauna R. Reid
- Michael S. Hennick
- Jon Ringler
- Michael W. Hill

Please join us in celebrating our 2023 ISSA Fellow recipients!
- Robert S. Hansel
- Edmond Momartin
- Connie Matthews Reynolds
- Peter Richard Hill
- Frank Gearhart
- John F. Petrie III
- Marek Kuczynski EMBA
- Srikant Mantravadi
- Phebe Clark Swope

ISSA International recently launched the Apprenticeship, Internships, Mentorships (AIM) Program to help bridge the gap that exists from the time a student or professional transitioning to a cyber career to the time it takes to contribute to an organization’s cyber team positively.

Join us August 17th as Dr. Shawn P. Murray, ISSA Intl COO and President-Elect, and Betty Burke, ISSA Intl Board Director, discuss developing alliances with like-minded organizations to ensure skills development and workforce readiness is easily available and accessible to all pre-professionals and entry-level employees.

Please join us in celebrating our 2023 ISSA Distinguished Fellow recipients!
- Wally Magda,
- Clyde "Howard" Gordon, Jr.,
- Jimmy Sanders, and
- John Donovan!

The ISSA Fellows Program formally recognizes significant contributions to the cyber community, cyber profession, ISSA leadership and sustained ISSA membership. The elite status of Distinguished Fellow designation is limited to only 1% of ISSA members.

Ensuring access is secure in the digital era is critical, especially with the rise of hybrid workforces, apps migrating to cloud, the sheer number of devices, and the sophistication of cyber threats. How can you ensure that your users, devices, and data are protected no matter where they are or what they access?

Join us August 23rd as Axis Security's Jaye Tillson and Lee Neely, ISSA International Board Director, discuss "Solving the secure access challenge for the next decade & beyond with SSE." You’ll learn why Security Service Edge (SSE) is helping teams achieve secure business access for the next decade and beyond.

Discover how SSE can help you:
- Simplify management and reduce complexity by consolidating multiple security functions into a single platform
- Reduce risk and compliance costs by preventing data breaches, malware infections, and over-privileged access
- Enhance performance and user experience by optimizing access to the internet, SaaS, and private applications
- Improve visibility and control by enforcing consistent policies and monitoring user behavior across all edges

Register today! https://www.issa.org/event/solving-the-secure-access-challenge-for-the-next-decade-beyond-with-sse/

Our August Cyber Executive Forum has ended and we would like to thank our all of our speakers who shared their time and expertise - Jimmy Sanders, Candy Alexander, David Maxwell, Janelle Hsia, Stefano Zanero, Sravish Sridhar, Renee Guttmann-Stark, Dutch Schwartz, Jim Reavis, Tammy Moskites, Dr. Shawn P. Murray, and Marc Thompson.

We would also like to thank our Cyber Executive Forum Members and guests who have joined us in Las Vegas. We hope to see you at next quarter's event in Dallas November 2-3, 2023.

If you are not already a member, learn how you can join the Forum at issa.org/membership/join-an-exclusive-community-of-cyber-security-leaders/

ISSA is pleased to announce our 2023 Security Professional of the Year - Paige Needling!

The Security Professional of the Year honors one (1) individual who best exemplifies the most outstanding standards and achievement in information security in the preceding year.

ISSA is pleased to announce our 2023 President's Award for Public Service recipient - Sametria McKinney!

The President's Award for Public Service recognizes an individual's contribution to the information security profession in the area of public service.

ISSA is pleased to announce the 2023 Volunteers of the Year recipients!
- Jack Freund
- Larry Holt
- Richard Larkins

The Volunteers of the Year Award recognizes a member who has made a significant difference to their chapter, the association or the information security community through dedicated and selfless service to ISSA.

ISSA is pleased to announce our 2023 Honor Roll recipients.
- Frank Gearhart
- Lora Woodworth
- Mathieu Gorge

Honor Roll is a lifetime achievement award recognizing an individual's sustained contributions to the information security community, the advancement of the association and enhancement of the professionalism of the membership.

ISSA is pleased to announce our 2023 Hall of Fame recipients.
- Clement Dupuis
- Dr. Shawn P. Murray
- Troy Adam Hunt
- Randall Frietzsche
- Richard Greenberg

Hall of Fame is a lifetime achievement award recognizing an individual's exceptional qualities of leadership in their own career and organization as well as an exemplary commitment to the information security profession.

Welcome to our 2023 ISSA International Awards Gala at the Park MGM in Las Vegas! It was an evening celebrating excellence and dedication to the cybersecurity industry.

Thank you to our sponsors Bluecat Networks, Inc and ArcLight6 Consulting for helping to make this evening possible.

Congratulations to our 2023 ISSA International Chapters of the Year!
International - Poland ISSA Polska: Stowarzyszenie do spraw Bezpieczeństwa Systemów Informacyjnych
Large Chapter - Colorado Springs Chapter of the ISSA
Medium Chapter - ISSA Los Angeles Chapter
Small Chapter - Northern Colorado

The cybersecurity workforce has been a frequent topic in the news. The new White House National Cyber Workforce and Education Strategy includes many areas ISSA is already working to improve. ISSA International President Candy Alexander, and ISSA Women In Security Special Interest Group Co-Chair Debbie Christofferson discuss how women play a crucial role in cybersecurity and ways to remove barriers that prevent more women from entering the field.

Read the full article in SC Media

mediaww.scmagazine.com

In this month's ISSA International President letter in the ISSA Journal, Candy Alexander, looks back on her time as president of the association and talks about the role volunteering plays in our lives, the motivation to further our industry, and helping others develop their skills. Be sure to check out the August edition of the ISSA Journal for the President's Letter, this month's featured article, and more!

ISSA President Candy Alexander, shared her thoughts on the recent White House Cyber Workforce Strategy and three things in particular stand out - the emphasis on educating the general public, the incorporation of cybersecurity into the K-12 curriculum, and the call for a true public/private partnership with educators, industry, and government. Read what she has to say about them and the strategy in Jai Vijayan's article in Dark Reading.

White House Cyber Workforce Strategy: No Quick Fix for Skills Shortage A lot of what the strategy proposes is well-intentioned but somewhat aspirational at the moment, industry experts say.

Join us tomorrow, August 3rd, for "The Cloud Cyber Security Market in Europe," hosted by the ISSA Women In Security Special Interest Group.

ISSA International Board Director Betty Burke welcomes Linda Strick, Director CSA EMEA of the CSA: Cloud Security Alliance. Get an insight into the European market, based on a study recently published by ENISA (The European Union Agency for Cybersecurity). This webinar will focus on compliance of Cloud Services regarding international, national and sectoral requirements, which makes it difficult to provide a “standard” service to Europe.

Register today!

WIS: The Cloud Cyber Security Market in Europe - ISSA International ISSA developed the Cyber Security Career Lifecycle® (CSCL) as a means to identify with its members. ISSA members span the information security profession - from people who have yet to enter the profession to people who are entering into retirement. Realizing that the needs of its members change, as...

Candy Alexander, ISSA International President, says the NCWES couldn’t be timelier. “ISSA has long been studying the life and times of the cybersecurity professional for the past 7 years and has seen little change in the cyber skills gap. In fact, it is widening. The Biden Administration’s strategy is exactly what the industry needs and addresses what we have been advocating for: the collaboration of education institutions, government programs, corporate organizations, and the cyber association communities to build pathways to bridge the gap between pure education and employment,” she noted.

Read Zeljka Zorz's article in HelpNetSecurity -

US government outlines National Cyber Workforce and Education Strategy - Help Net Security The Biden-Harris Administration has unveiled the US National Cyber Workforce and Education Strategy (NCWES).

You will not want to miss tomorrow's ISSA web conference! Join us August 2nd as Sam Aiello and ProcessUnity's Andrew Egoroff join ISSA International Board Director, Alex Grohmann to discuss, "How to Build an Effective Cybersecurity Governance Framework."

Good cybersecurity governance is more important than ever before with new mandates from the SEC on cybersecurity risk management and the increasing emphasis placed on information security by investors. By building a cybersecurity governance framework that connects your programs and processes with your controls, frameworks and policies, you can increase visibility into your program and empower stakeholders to protect against cyber risk.

In this webinar, you will learn how to:- Establish a strong program baseline by crosswalking your controls, policies and procedures;
- Create enterprise-wide accountability for risks, policies and controls from the operational level to the board level;
- Align technology and departments on risk management workflows; and
- Optimize your program’s operations to improve your organization’s security posture.

How to Build an Effective Cybersecurity Governance Framework - ISSA International ISSA developed the Cyber Security Career Lifecycle® (CSCL) as a means to identify with its members. ISSA members span the information security profession - from people who have yet to enter the profession to people who are entering into retirement. Realizing that the needs of its members change, as...

Get A Sneak Peak at the ISSA International Awards Gala Event and Meet The 2023 Awards Nominees!

Join Mark Hahn, the Chair of our ISSA Awards Committee, and our sponsor ArcLight6 Consulting, as we prepare to celebrate Excellence and Achievement in our industry. We will kick-off the spirit of recognition as we honor remarkable contributions across a diverse range of categories in the field of information security. Come learn about our many deserving award nominees ahead of our ISSA Awards Gala on August 5th.

The live event will be streamed from The Park MGM Las Vegas August 5th at 5:00 PM PDT

Introducing our 2023 ISSA International Award Nominees - ISSA International Join us as we prepare to celebrate Excellence and Achievement in our industry. In this webinar, sponsored by ArcLight6, the Chair of our ISSA Awards Committee, Mark Hahn, will kick-off the spirit of recognition as we honor remarkable contributions across a diverse range of categories in the field of...

Join us August 3rd for, "The Cloud Cyber Security Market in Europe," hosted by the ISSA Women In Security Special Interest Group.

ISSA International Board Director Betty Burke welcomes Linda Strick, Director CSA EMEA of the CSA: Cloud Security Alliance. Get an insight into the European market, based on a study recently published by ENISA (The European Union Agency for Cybersecurity). This webinar will focus on compliance of Cloud Services regarding international, national and sectoral requirements, which makes it difficult to provide a “standard” service to Europe.

Register today!

Join us August 2nd as Sam Aiello and ProcessUnity's Andrew Egoroff join ISSA International Board Director, Alex Grohmann to discuss, "How to Build an Effective Cybersecurity Governance Framework."

Good cybersecurity governance is more important than ever before with new mandates from the SEC on cybersecurity risk management and the increasing emphasis placed on information security by investors. By building a cybersecurity governance framework that connects your programs and processes with your controls, frameworks and policies, you can increase visibility into your program and empower stakeholders to protect against cyber risk.

In this webinar, you will learn how to:
- Establish a strong program baseline by crosswalking your controls, policies and procedures;
- Create enterprise-wide accountability for risks, policies and controls from the operational level to the board level;
- Align technology and departments on risk management workflows; and
- Optimize your program’s operations to improve your organization’s security posture.

Learn more - https://www.issa.org/event/how-to-build-an-effective-cybersecurity-governance-framework/

Join ACI Learning's Chief Technology Officer Don Pezet and Boise State's S.M. Loo tomorrow, July 26, for a discussion on conducting skills gap analysis for your tech team.

Today’s business leaders expect to know that the training they invest in will be effective and engaging. What’s worse than spending money on training that employees do not need, dread, and doesn’t work? Skills gap analysis allow leaders to see weaknesses in their teams and assign training effectively. Ineffective training costs businesses an average of $13.5 million per year per 1,000 employees. With the rapid advancements in AI, the need for training tech and cybersecurity teams has never been more critical to future proofing your business. This conversation will seek to answer the questions many business leaders are facing in the wake of historic advancement in technology – how can be sure that their teams are equipped to do their jobs effectively and how do they determine which roles to create and hire for to keep their business ahead of these changes?

Register for "The art of identifying skills gaps: How to future-proof your IT team."

The art of identifying skills gaps: How to future-proof your IT team - ISSA International ISSA developed the Cyber Security Career Lifecycle® (CSCL) as a means to identify with its members. ISSA members span the information security profession - from people who have yet to enter the profession to people who are entering into retirement. Realizing that the needs of its members change, as...

The 2023 ISSA International Awards are just two weeks away!

It is our pleasure to announce our nominees for ISSA's Hall of Fame. The Hall of Fame is a lifetime achievement award recognizing an individual's exceptional qualities of leadership in their own career and organization as well as an exemplary commitment to the information security profession.

A few of this year's finalists include:
- Clément Dupuis, CD (Posthumous Nomination),
- Randall Frietzsche,
- Richard Greenberg,
- Dr. Shawn Murray, and
- Troy Hunt!

Join us virtually on August 5th for the 2023 ISSA International Awards!

Learn more at issa.org/annual-award/2023/

Good cybersecurity governance is more important than ever before with new mandates from the SEC on cybersecurity risk management and the increasing emphasis placed on information security by investors. By building a cybersecurity governance framework that connects your programs and processes with your controls, frameworks and policies, you can increase visibility into your program and empower stakeholders to protect against cyber risk.

Join us August 2nd as Sam Aiello and ProcessUnity's Andrew Egoroff join ISSA International Board Director, Lee Neely to discuss, "How to Build an Effective Cybersecurity Governance Framework."

In this webinar, you will learn how to:
- Establish a strong program baseline by crosswalking your controls, policies and procedures;
- Create enterprise-wide accountability for risks, policies and controls from the operational level to the board level;
- Align technology and departments on risk management workflows;
- Optimize your program’s operations to improve your organization’s security posture.

Learn more - https://www.issa.org/event/how-to-build-an-effective-cybersecurity-governance-framework/

The 2023 ISSA International Awards are almost here!

It is our pleasure to announce some of our nominees for ISSA's Volunteer of the Year. The Volunteer of the Year Award recognizes a member who has made a significant difference to their chapter, the association or the information security community through dedicated and selfless service to ISSA.

A few of this year's finalists include:
- Rashmi Bharathan,
- Richard Larkins,
- Robert Kinzer👨🏼‍💻, and
- Sarah Duncan!

Join us virtually on August 5th for the 2023 ISSA International Awards!

Learn more at https://www.issa.org/annual-award/2023/

The 2023 ISSA International Awards are almost here!

It is our pleasure to announce some of our nominees for ISSA's Volunteer of the Year. The Volunteer of the Year Award recognizes a member who has made a significant difference to their chapter, the association or the information security community through dedicated and selfless service to ISSA.

This year's finalists include:
- Jack Freund,
- Karen Williams,
- Laurence Holt, and
- Phebe C. Swope!

Join us virtually on August 5th for the 2023 ISSA International Awards!

Learn more at https://www.issa.org/annual-award/2023/

Don’t miss the party of the decade! Join us during BlackHat on Wed, August 9 from 5-8 PM for our totally rad 90s party, hosted by QuintessenceLabs. Sponsorships available Register today!

Stuck in the 90's Party! Black Hat 2023 Enjoy some refreshments, a DJ spinning 90s tunes all night long, and much more nostalgic fun!

How does an Executive Board approve a budget with so many competing priorities for the same pool of money? How do you prove security is worth the investment when your function is considered overhead, not a profit center?

Join us July 25th when Pamela Fusco shares her experience with Dr. Curtis Coker Campbell for, "Getting your budget approved by your Board/Executive Staff."

Register today! https://www.issa.org/event/wis-getting-your-budget-approved-by-your-board-executive-staff/

Calling all CISOs and C-level cyber professionals -
Join us in Las Vegas, August 5th and 6th, for our next Cyber Executive Forum!

The cyber executive forum is a unique, intimate learning experience designed exclusively for c-level cyber professionals. Attendance is by invitation only.

Interactive expert-led talks and panels - Listen to experts who provide knowledge and experience on topics in cybersecurity, leadership, and wellness.

Roundtable sessions - Gather with peers from leading organizations and various industries to discuss relevant topics inspired by the latest topics and research in small-group sessions.

Peer conversations. - Join peer-to-peer discussions organically throughout the forum. Discover how C-level security executives discover ways to tackle the challenges you face every day.

Social engagements - Enjoy and build new business relationships with peers as they engage in welcome receptions and special evening events.

Each forum provides new concepts and actionable ideas to bring back to your organization to help you achieve critical business results and you can receive Continuing Education Units or Continuing Professional Education Credits for attending.

Learn more -

August Cyber Executive Forum 2023 - ISSA International ISSA's Cyber Executive Forum is a quarterly gathering of some of the brightest minds in the cyber security world. Join us and other cyber security leaders at the Delano Las Vegas in Las Vegas, NV, on August 5 and August 6 for the latest Cyber Executive Forum.