A few weeks ago I attended InfoSec World 2015. The IJIS Institute is an association partner of the event and this was our first visit to this annual conference and expo. It is put on by the MIS Training Institute (MISTI).
InfoSec World 2015 was a great experience and it provided a different perspective on the very large topic of cybersecurity that we are used to seeing at the IJIS Institute events. The conference is focused on the perspectives of technologists and Certified Information Systems Security Officers (CISSO) in the quest for cybersecurity. I am more accustomed to hearing discussions about front end access to systems and Identity Management (ICAM) issues versus the deep technology dives at InfoSec. It was a refreshing change of pace to look at this topic from another angle.
Two quick thoughts regarding InfoSec World 2015:
- There was a lot of discussion at the event about understanding the vulnerability contours in the world of open source, and how pervasive and continuously growing the use of open source is even with known vulnerabilities. Some of the environments that we might consider the most secure are still using open source components with known vulnerabilities. As open source is essential and obviously here to stay, the path forward looks like the same path one might use to eat an elephant…focusing on one bite at a time by bolstering the immediate lines of defense with operating system component patches.
- The term incident response, as in cyber incident response, was thrown around a lot at this conference. Assistant Special Agent in Charge Ari M. Baranoff, U. S. Secret Service/Criminal Investigative Division, gave a fantastic keynote address on organized cybercrime, and stepped through the cyber incident response steps of investigation, arrest, and prosecution. It struck me that the world of law enforcement/criminal justice incident response and cyber incident response are not as different as you might think at first glance. I recently heard about companies using the Incident Command System, borrowed from the fire service, to manage cyber incident response. What things can law enforcement/public safety and cyber crime fighters learn from one another about incident response?
It was a great time to immerse myself in this cybersecurity perspective at InfoSec World 2015 considering that the IJIS Institute, through the Standards Coordinating Council, is getting more and more involved in the defense against cyber attacks through the development of standards for sharing cyber incident information. Stay tuned to the IJIS Factor blog for more on the SCC and Executive Order 13691 on Promoting Private Sector Cybersecurity Information Sharing.