As we delve into the security issues of protecting our identity online I got the feeling that October was having an identity crisis of its own – it is known as Anti-Bullying Month, Breast Cancer Awareness Month, and National Cyber-Security Awareness Month to begin with. But it is also Adopt a Shelter Dog Month, Apple Jack Month, Cookie Month, International Drum Month, National Diabetes Month, National Pizza Month, National Popcorn Popping Month, Seafood Month, and National Sarcastic Month, among others. Not sure how many of those you celebrated but here is my recap of some of the events I participated in for National Cyber-Security Awareness Month (#NCSAM).
From September 29 – October 2, ASIS International celebrated its 60th Annual Seminar and Exhibits Conference in Atlanta, Georgia (www.securityexpo.org). From the ASIS website: “ASIS International is the preeminent organization for security professionals, with more than 38,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests.” In addition, ASIS administers three internationally accredited certifications: the Certified Protection Professional (CPP), Professional Certified Investigator (PCI), and the Physical Security Professional (PSP). I was not able to take in any of the seminars but had time to browse in the exhibit hall(s) in between meetings. It seemed every security vendor was represented with displays, demos, literature, and give-a-ways, for those who like to collect security tech stress balls and pens. But among the throng there were some tidbits worth noting – I focused on the security publications and degree programs. As an author who has written about the security skills shortage, I am always on the lookout for how we are preparing the next generation of security professionals. A few that stood out for me were:
- The International Association for Healthcare Security & Safety (https://www.iahss.org) had their Healthcare Security Industry Guidelines Spring 2014 IAHSS Handbook It is a great quick and ready reference for those in charge of healthcare security and safety – simple to read, easy to comprehend, and thorough.
- Symantec offered a “Top Ten Tips for Cyber-Resilience” (http://go.symantec.com/cyber-resilience) reminding us that cyber security is only one level of protection.
- A&S Magazines had three editions on display: A&S International (asmag.com), A&S SMAHome (www.mysmahome.com), and A&S Asia (www.asmag.com). All three provide invaluable expert advise and leading edge articles concerning security issues from a specific geographical area or for a specific security topic (such as IoT and Smart Homes).
- SC Magazine (http://www.scmagazine.com) was also exhibiting. Their October edition has an article about passwords being passé that coincides nicely with my biometrics article for SciTech (http://www.elsevier.com/connect/amid-rampant-data-breaches-and-hacks-biometrics-takes-off).
- Institutions of Higher Education with degree programs were also well represented: the National Cyber Security Institute at Excelsior College (http://www.nationalcybersecurityinstitute.org), American Military University (http://www.amu.apus.edu/lp2/homeland-security), Texas A&M (https://teexweb.tamu.edu), and Webster University (http://www.webster.edu/masters/business-and-organizational-security.html) just to name a few.
Next on my agenda was the Information Systems Security Association (ISSA) International Conference held at the Disney World Contemporary Resort in Florida from October 22 – 23. I was honored to be asked to be the inaugural ISSA Women in Security SIG breakfast keynote. The title of my presentation was “Women and the Future of Security Leadership” but it delved into a number of current, near and mid-term security challenges and how leadership can fill the gap. The handout is available below. Besides my presentation I was able to attend two others. Here are some highlights from each:
- Raj Goel (http://www.rajgoel.com) gave a talk on “Panopticon” with a focus on the architecture of global surveillance. His basic premise is that of a cyber-civil rights activist. He believes any surveillance is suspect and did not hesitate to include Disney and the House of the Mouse as major culprits in league with the government and privacy saboteurs. He had some interesting examples of how far certain tactics can reach but we had a little disagreement about balancing irrational panic and dealing with real threats that an organization can do something about.
- The other session I attended was the ISSA WIS Lightening Talks with Samantha Menke, Anne Rogers, and Amber Shroader. All three of these highly successful security professionals and leaders took turns discussing the current state of security concerns including mobile apps, digital forensics, the current threat-scape, the difference between fire inspectors and firemen, and growing concerns regarding the Internet of Things including what may happened when these devices begin to be connected to each other. They offered fascinating insights as well as thought-provoking questions. (http://www.issa.org/?page=sigs&terms=%22sig%22).
The last event was held at Athens Regional Library in Athens, Georgia, to celebrate National Cyber-Security Awareness Month (#NCSAM). I gave an author discussion regarding “online privacy, security and safety” on October 28. During the event a number of issues were explored with the participants:
- The new world full of digital threats: breaches, hacks, social engineering and thefts, well as “Online Risks”: reputational, operational and legal plus “Consequences”: financial, penalties, loss of trust and loss of jobs.
- Privacy defines as “a person’s right to control access to his or her personal information.” “If you put it out there on social media, consider it public.” Information collected is as much as you give them and consider about security of smart phones, tablets, cloud computing and passwords.
- Identity theft, what to do if you are a victim of identity theft and gave resources including the Federal Trade Commission (FTC) website including consumer information. How to protect your online identity and cyber bullying.
- Last, Cyber-bullying, the use of the Internet and related technologies, such as cell phones, to harm other people, in a deliberate, repeated and hostile manner. Tips were shared for victims of cyber bullying, both personal and in the workplace.
You can download the PowerPoint below.
As you can see it was a busy month but there were tons of events focusing on cyber-security awareness. To learn more see: http://www.dhs.gov/national-cyber-security-awareness-month-2014. It is never too early to plan for NCSAM 2015 – contact us to organize an event in your area.