Conference coverage

ISSA International Conference attendees talk whistleblowing and more

Emily McLaughlin, Associate Site Editor

Didn't attend the 2013 Information Systems Security Association's International Conference in Nashville, Tenn., this past week? Don't worry; SearchCompliance and Twitter have got you covered. As you await our extensive video coverage from the show, check out some

    Requires Free Membership to View

of the conference's top tweets from sessions and keynotes on the first day of the conference, Wednesday, Oct. 9.

More tips for security professionals

CISO's cloud procurement and security responsibilities

Skills necessary for CISO survival

Security conscience is key for CISO

Glenn Harlan Reynolds kicked things off with a keynote titled, "Don't Fear the Leaker." Blue Ö yster Cult jokes aside, the talk by Reynolds, the Beauchamp Brogan Distinguished Professor of Law at the University of Tennessee, gave a unique perspective on law and the role of technology in empowering ordinary people to follow the "if you see something, say something" rule, while also illuminating the differences between ethical leaking and whistleblowing:

In light of the recent National Security Agency revelations and other government leaks, it's clear that whistleblowing often provokes controversy. Reynolds pointed out the key benefit of this phenomenon: trust.

Reynolds proposed organizations build a culture around appropriate and inappropriate whistleblowing:

Following Reynolds' keynote, ISSA conference attendees filtered into several different information sessions led by security professionals. Here are highlights from some of the Day One sessions:

Every Move You Make, Every Step You Take: Geolocation Privacy: How can "they" know where you were last year, month, week or even minute, and who are "they," anyway? Derek E. Isaacs, a senior cybersecurity engineer at Colorado Springs, Colo.-based Boecore Inc., discussed the effects of geolocation and location-based services with regards to personal and professional movement:

Enhancing Visibility and Response to Provide Effective Information Risk Management and Security: Jay Leek, chief information security officer at New York City-based The Blackstone Group LP, suggested that for many it's no longer a matter of if, but rather when their defenses will be infiltrated and systems compromised. Leek's session provided advice for adjusting defense approaches by shifting some focus away from a prevention strategy and investing more in enhancing visibility and response capabilities. Here's what conference tweeters took away:

Focusing on Your Data to Change the Information Security Game: In his mobile security session, James Robinson, security architecture and strategy officer at San Diego-based Websense Inc., touched on transforming users, evolving your threat model and implementing new data-driven approaches to identifying, mitigating and combatting threats. Here are some tips from Robinson's session:

Real-Time Risk Management: Death of the Rainbow: "We are doing it WRONG!" read the abstract for Caleb Merriman's real-time risk management session. Merriman, chief information security officer at Blue Cross Blue Shield of Tennessee, suggested that current efforts to effectively manage information security risk only create confusion, increase cost and provide a false sense of security:

Stay tuned for more Twitter session recaps and video coverage from ISSA International Conference on SearchCompliance. To read more online conversations from the conference, search "#ISSAConf" on Twitter.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: