The second annual awards ceremony honors recipients “for their innovation and success [in] bringing greater visibility to the information security profession”, according to (ISC)². Nominees from Central, North, and South America were eligible.
The awards program took place in the rotunda of Philadelphia’s Franklin Institute, in the shadow of a large marble likeness of the building’s namesake. The evening was highlighted by an address from Dr. Ernest McDuffie, lead of the National Initiative for Cybersecurity Education at NIST’s Information Technology Laboratory. McDuffie told the audience that it was programs like (ISC)²’s ISLA that highlight continued innovation in the field, as well as identify the unique contributions of those younger professionals who are vital to the sustainability of the information security profession.
The purpose of ISLA, (ISC)² says, is to recognize “those information security professionals or managers…who have demonstrated outstanding leadership and initiative by creating and implementing projects and policies that are effecting significant improvements to the information security workforce and bringing new and positive visibility to the profession”.
Awards were handed out in four categories, in addition to one special recognition award. The winners included:
- Information Security Practitioner: Lisa Kissler, CISA, GRC lead, Washington State Employment Security Department
- Managerial Professional for an Information Security Project: Ismael Cruz, CEO, Akiyama Corporation
- Senior Information Security Professional: Malcolm Harkins, CISO, Intel
- Up-and-Coming Information Security Professional: Shawn Marck, CCNA, JNCIA, VP of operations, Black Lotus Communications
- Community Service Star: Dr. Aury Curbelo, Security+, CEH, associate professor, University of Puerto Rico
Shawn Marck of Black Lotus, recipient of the Up-and-Coming Information Security Professional award, was honored for his development of a successful human behavior analysis (HBA) technique for detecting and mitigating Layer 7 (application layer) threats to commercial websites. “It’s important to highlight these achievements”, Marck told Infosecurity.
His company helps defend commercial websites against distributed denial-of-service (DDoS) attacks, focusing primarily on small to medium-sized businesses (SMBs). Marck said the emergence of hacktivist groups like Anonymous has resulted in an “exponential explosion in the need for DDoS mitigation technologies”. The problem with DDoS attacks, he added, is that they are relatively easy to execute, but require far more resources to defend against.
The panel of ISLA judges also awarded a Community Service Star to Dr. Aury Curbelo, associate professor at the University of Puerto Rico. Curbelo was recognized for her volunteer community outreach seeking to increase security awareness among the youth of Puerto Rico.
For the past year, Curbelo and her students have offered free training to university faculty and other teachers on social networking security, in addition to working with local churches to organize conferences aimed at educating families and teenagers on how to use social networks and other information systems safely.
Curbelo told Infosecurity that the program actually started as a theoretical assignment for her students, and she was subsequently approached by one student who asked if they could apply the project in the real world. The government in Puerto Rico has not dedicated resources for online security awareness programs, she added, so her students have been working with interested stakeholders to get the message out to young people: things like protecting against online scams, identifying phishing, explaining how hackers operate, and how the internet and computing devices can be abused. The goal, she said, is to expand the program across the entire island – “to raise the issue with the government that schools need a cybersecurity awareness program”. The primary roadblock to expansion, Curbelo explained, is the lack of funding.
Yet she remains optimistic that this initiative, only in its first year, is just getting off the ground and is poised for expansion. “The project is a challenge, and a great opportunity to let other people know what we are doing in Puerto Rico when it comes to addressing security.”