Arlington, VA (PRWEB) June 03, 2014
(ISC)²® (“ISC-squared”), the largest not-for-profit membership body of certified information and software security professionals with over 100,000 members worldwide, today announced the recipients of its annual U.S. Government Information Security Leadership Awards (GISLA) program during a gathering of federal information security executives at the GISLA Gala in Arlington, Va.
A judging committee of senior information security experts from (ISC)²’s U.S. Government Advisory Board for Cyber Security (GABCS) and industry assessed individual and team achievements of a select group of nominees and awarded GISLAs in five distinct categories.
The 2014 GISLA recipients are as follows:
Category: Technology Improvement
Jaime Vargas, Chief Information Security Officer (CISO) of the Department of Homeland Security (DHS) Office of the Inspector General (OIG), designed, developed, and implemented an Information Security Continuous Monitoring (ISCM) Program for the IT Infrastructure of the OIG that encompassed a state-of-the-art architectural solution using automated tools to support the implementation of the Risk Management Framework, and improved the effectiveness of the safeguards and countermeasures that remediate vulnerabilities. As a result, OIG’s FISMA compliance scores ranked amongst the highest in the federal government. OIG stands as a model component within DHS for information security compliance.
Category: Community Awareness
Mr. Erich Fronck, Regional Information Security Director for the Northeast Region at the Veterans Administration (VA), led an awareness initiative utilizing a 100% stand-down approach that significantly raised the training compliance level for regional users. As a result, compliance rose to 99.62% in this sizable region, with the number of individuals deficient in training decreasing from approximately 8,000 to fewer than 2,000. The success of this initiative has contributed to the improvement of the VA’s overall security posture.
Category: Workforce Improvement
The Cyberspace 200/300 Professional Continuing Education (PCE) Team was led by Dr. Robert F. Mills, Director of the Center for Cyberspace Research for the Air Force’s Cyberspace Technical Center of Excellence. Dr. Mills and his 27-member team faced the herculean task of planning, establishing, and implementing intermediate and advanced cyber security courses (Cyber 200/300) by applying innovative tactics, such as developing 40 joint network attack/defend/exploit capstone exercises with multiple virtual networks to give real-world hands-on training. This initiative ultimately contributed to the graduation of approximately 400 U.S. Department of Defense joint and allied cyber professionals and has provided the AF cyberspace security workforce with a learning continuum that fills a critical void in cyber workforce education.
Jeff Harriss, Team Lead, Access Control, OCIO-ITS-IOD Operations Security Branch at USDA, set out to reduce the significant number of users granted elevated (administrator) permissions on their desktop computers in order to reduce risk within the USDA’s user base of 37,000 accounts. Jeff worked closely with customer development communities to pilot and test a solution that would not only resolve technical and procedural issues but also build and foster positive working relationships with customer stakeholders, helping to speed adoption. By March of 2014, the number of Local Administrators had been reduced from 10% of the population to less than 1%, increasing the overall security of this sizable user base.
Category: Federal Contractor
Mr. Sunny Tuteja, Founder, President, and Chief Executive Officer of AssurIT Consulting Group, developed a Plan of Action and Milestones (POAM) Dashboard for the U.S. Department of Agriculture’s Natural Resources Conservation Service that brought previously unavailable visibility into the difficult and costly task of managing POAMs. His unique and innovative dashboard delivered a strategic view of system weaknesses that resulted in an expected closure of over 75% of the agency’s POAMs and an overall improved security posture at the Natural Resources Conservation Service.
For more information on the GISLA program, including past recipients, selection criteria and eligibility requirements, please visit http://www.isc2.org/gisla.
Formed in 1989 and celebrating its 25th anniversary, (ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with nearly 100,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), the Certified Cyber Forensics Professional (CCFP℠), Certified Authorization Professional (CAP®), HealthCare Information Security and Privacy Practitioner (HCISPP℠), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information and software security topics. More information is available at http://www.isc2.org.
© 2014, (ISC)² Inc., (ISC)², CISSP, ISSAP, ISSMP, ISSEP, CSSLP, CAP, SSCP and CBK are registered marks, and CCFP and HCISPP are service marks, of (ISC)², Inc.