I attended the second annual (ISC)² Security Congress, collocated with the ASIS International 58th Annual Seminar and Exhibits last week (September 10-13, 2012) held in Philadelphia and wanted to pass on some of what I saw there. Microsoft Trustworthy Computing was a sponsor of (ISC)² Security Congress and Microsoft Global Security had an exhibitor booth (seen in the picture above) on the ASIS show floor.
This was an interesting event to attend because of the mix of physical security topics that ASIS focuses on and the cyber-security related topics that (ISC)2 focuses on – the best of both security worlds at one event.
The event included three days of education sessions offered by both ASIS and (ISC)2. From an Information Technology professional’s perspective this was a powerful combination of session offerings as it gave attendees the chance to attend the cyber-security related sessions that they were interested in as well as attend ASIS sessions that they wouldn’t get access to at a typical Information Technology industry event. For example, I attended a session called “Software Assurance/SDLC Panel – The Supply Chain Is The Weakest Link” where a panel discussed the current state of secure development methodologies and their importance to the software supply chain. In the next session I attended, I learned how Tiffany & Co. protected their brand and reputation by managing their physical supply chain and counterfeiting and fraud programs. I was very impressed with the number of sessions offered at any given time and the varied topics they covered. A full list of sessions is available here.
While I was at (ISC)2 Security Congress I also had the chance to catch up with John Howie from the Cloud Security Alliance (CSA). The Cloud Security Alliance Congress 2012 is being held November 7 – November 8, 2012, in Orlando, Florida. I am speaking at this year’s CSA Congress in a plenary session called “CSA STAR: Lessons Learned by an Early Adopter.” Please join us if you can – this is also a great industry event.