Wilson received the award for the certification and accreditation effort for the General Services Administration’s .GOV registry, which includes about 5,000 domains. Hughes led a team that set up a cyber dashboard for the Department of Defense to visualize, analyze, and generate reports from the aggregated and correlated data feeds of multiple legacy security systems.
Receiving a special recognition award was a team lead by David Rohret, senior systems engineer with CSC, which successfully completed over 150 system and system of systems assessments on rapidly fielded and developmental systems, as well as over 300 quick-look assessments on deployed systems, for the US Strategic Command’s Joint Information Operations Warfare Center.
Hord Tipton, executive director of the (ISC)², who doled out the awards, explained that the organization began to include federal contractors in its primarily government-focused awards in order to recognize the greater participation by the contractor community in government information security. “Federal contractors play such an important role in getting things done in the government security space”, Tipton told Infosecurity.
The federal government depends “heavily on contractors for spot needs. Getting contractors to do the work is a lot easier than having to hire [government] employees full-time. In many cases, they are more effective because of the type of work you need to do in security”, explained Tipton, the former chief information officer with the Department of Interior.
Most of the GISLA awards go to government information security personnel, both individually and as part of teams, in the areas of technology, workforce, and process/policy improvements, as well as community awareness.
“Security professionals seldom get recognition unless something is fouled up, and then it is the wrong kind of recognition. I’ve found that if you are doing a really good job of keeping the hackers and mischief away from your doorstep, then you are out of sight, out of mind”, Tipton said. “We want to make sure they get recognition, not only from their peers, but from other people in the information security profession”, he added.