Tuesday, December 11, 2018

(ISC)^2 Holiday Dinner 2018

Indeed hosted this year's holiday party for the Austin chapter of (ISC)^2. About 50 people attended and enjoyed a surprising German menu with sausages, sauerkraut, potato pancakes, and chocolate tort.
The computer security community here in Austin centers on OWASP, the Open Web Application Security Project. They host two conferences a year, BSides and LASCON. For over five years they have held weekly lunchtime study cells in space provided by National Instruments. With OWASP, the key word is "open." I am a member of OWASP and I am a technical writer. I volunteer to work the conventions and have even presented. But I hold no certifications in computer security. These people do. The CISSP certification from (ISC)^2 is the gold standard of competence in information security.

The International Information Systems Security
Certification Consortium

Austin boasts one of the largest computer security communities in the world. Fortune 500 companies and multinational corporations that are headquartered elsewhere put their IT departments in Austin.  The US Army Futures Command is here. But as large as it is, the infosec crowd is just another village and pretty soon everyone knows everyone. Parties like these are how we exchange cultural knowledge.

In addition to those large enterprises and governmental organizations, we have no shortage of start-ups. People here solve problems by advancing ideas, building technologies, and delivering solutions.

Austin has three epicenters of information technology: the north side, the hill country, and downtown. Downtown includes both the Congress Avenue corridor and the University of Texas.  The hill country runs west and north off the 360 and Farm to Market 2222 at the iconic Pennybacker Bridge. The north side, north of old Tech Ridge is where you find Dell, HP, GM, and many others. But tech is everywhere here. AMD is on Southwest Parkway. Freescale just moved from there to the Airport area where you can find competing server farms.

Indeed also hosted the launch of the Austin Security Alliance. Over a dozen groups sent representatives to create an ecosystem that will respond, adapt, grow, replicate. and evolve solutions to information security. It goes beyond mere firewalls, important as they are. The technology of trust is how we all sign a hundred contracts a day without even thinking about it. Every time you swipe a card, every time you log in, every time you visit a page, you authenticate by swapping secure tokens.

The most revealing facts were the ones not mentioned. For all of the vulnerability scans, red team - blue team, packet sniffing, threat assessments, responses and remediations, I never heard anyone actually say what they did. The tech talk was fairly abstract. There were no war stories. They did talk about other people's problems because huge data breaches are always in the news.


No comments:

Post a Comment