(ISC)²® Announces Winners of 12th Annual U.S. Government Information Security Leadership Awards
Washington, D.C. (PRWEB) May 14, 2015 -- (ISC)2® (“ISC-squared”), the largest not-for-profit membership body of certified information and software security professionals, with nearly 110,000 members worldwide, today announced the winners of its annual U.S. Government Information Security Leadership Awards (GISLA) program during a gathering of government information security executives at the GISLA Gala in Washington, D.C.
A judging committee of senior information security experts from (ISC)2’s U.S. Government Advisory Council (USGAC) and industry assessed individual and team achievements of a select group of nominees and awarded GISLAs in seven distinct categories.
The 2015 GISLA recipients are as follows:
Category: Technology Improvement
John Simms, CISSP, ITIL 3.0, MCSE, PMP, requirements and acquisition support branch chief and Continuous Diagnostics and Mitigation (CDM) program manager, Department of Homeland Security (DHS), Office of Cybersecurity and Communications took an innovative approach to rapidly deploy nearly $60M of CDM tools to 21 agencies through a product-only task order focused on those agencies that could immediately benefit from additional tools. Mr. Simms’ approach not only supported rapid security improvement for those agencies, but resulted in a $26M cost avoidance and an average 30 percent reduction of GSA IT Schedule 70 prices. Through his efforts, Mr. Simms ensured that the critical capabilities necessary to meet emerging cyber threats government-wide were acquired to protect federal networks while saving tax-payer dollars.
Category: Community Awareness
As the U.S. Marine’s first National Cyber Protection Team, 81 Cyber Protection Team (CPT) quickly became the most sophisticated incident response element in the Department of Defense (DoD). 81 CPT created innovative approaches to building an advanced defensive cyberspace capability in the areas of training, technology employment, methodologies and mission planning. Utilizing both proprietary and commercial technology, the team built one of the most modern and effective defensive cyber programs for DoD, including a CPT toolkit that has become the standard for all CPTs across DoD. In the area of training, 81 CPT produced experts capable of conducting incident response, vulnerability analysis and mitigation, and procedure/methodology enhancements to any government organization. As a result, 81 CPT has shaped the way that the U.S. Cyber Command implements CPTs and has set the standard for other DoD teams.
Category: Workforce Improvement
Michael C. Redman, CISSP, CISM, CCNA, CompTIA Network+, CompTIA Security+, CompTIA A+, CompTIA Linux+, MCP, MCSA, senior information assurance manager and chief, Policy and Accreditation Branch identified a training gap for DoD cybersecurity professionals and delivered in-house training courses to over 300 personnel using training materials that he created. As a result of the innovative knowledge transfer to students at their level of learning, 93 percent achieved a pass rate on certifications such as CISSP, CISM, Security+ and Linux+. His holistic approach to information security and course development is bridging the gap between standard course material and the daily reality of civil servants and DoD personnel.
Category: Process/Policy
Benjamin Bergersen, cloud cybersecurity program manager, MAX.gov Shared Services, U.S. Department of Education utilized his expertise in the areas of government-wide collaboration, building high performance teams, business process transformation, IT governance, strategy, enterprise architecture, information security and portfolio management to lead security transformation of cybersecurity business processes for MAX.gov Shared Services. His ability to coordinate dozens of staff, multiple major applications, hundreds of servers and over 120,000 users employing the Federal Risk Authorization Management Program (FedRAMP) model resulted in MAX.gov becoming the first federal agency application and software-as-a-service (SaaS) agency to become FedRAMP authorized.
Category: Most Valuable Industry Partner (MVIP)
The CERT Coordinating Center (CERT/CC) Vulnerability Research and Coordination team, Carnegie Mellon University Software Engineering Institute pioneered efforts in vulnerability research automation for existing and emerging computing domains that have significantly strengthened the larger US-CERT mission of improving information security and providing value to industry partners. The team deployed the Tapioca automated vulnerability discovery tool and applied it to the 11,000 applications available on the Google Play Store. Within a period of several days, over 20,000 vulnerabilities —or 15 percent of the total vulnerabilities identified in 2014—were discovered. These results are enabling this new community of developers and vendors of the platforms they utilize to adopt better security practices and bring increased utility to the expanding universe of mobile devices.
Category: Up-and-Coming Information Security Professional
Samuel A. Maroon, IT operations instructor, U.S. State Department spends his spare time teaching and managing the Wounded Warrior Cyber Combat Academy (W2CCA), a program administered by the Federal IT Security Institute on behalf of the FITSI Foundation. Mr. Maroon has worked with more than 30 injured veterans – volunteering 15-20 hours per week – in order to train brave men and women to help protect their country against cyber attacks. By engaging these wounded warriors, he is tapping into a very talented and motivated resource pool to help address the current shortage of skilled cybersecurity workers while helping to protect our nation’s critical infrastructure.
Category: F. Lynn McNulty Tribute
W. Hord Tipton, CISSP, former executive director, (ISC)2, was the first government CIO to obtain a CISSP, helping to bring high-profile attention to the need for a more professionalized information security workforce. Throughout his career, Mr. Tipton drove support and advocated for federal government workforce initiatives such as the NICE Framework, DoD Directive 8570 and reform of OPM’s 2210 Job Series. He spearheaded major initiatives such as (ISC)2’s Global Academic Program (GAP) and U.S.A Cyber Warrior Scholarships that are currently assisting the government in filling its cybersecurity workforce gap. Hord has been instrumental in fostering the security education and certification of hundreds of thousands of individuals worldwide. He has dedicated his life to the advancement of the information security profession in the U.S. government and beyond, and is considered one of the most influential people in security.
Also announced during the GISLA ceremony was the U.S.A. Cyber Warrior Scholarship recipient. This scholarship program was developed by the (ISC)2 Foundation in collaboration with Booz Allen Hamilton to help close the government’s cyber workforce gap by providing cyber security career training to qualified veterans who served in the United States military.
U.S. A. Cyber Warrior Scholarship Recipient
Wajahat Qureshi ended his active duty in the Navy in 2007. He has served with Navy Reserve Command, and in 2013 was named Sailor of the Year. His career goals include attaining his Certified Information Systems Security Professional (CISSP) and earning a commission into the U.S. Navy Reserve as the information warfare designated officer.
For more information on the GISLA program, including past recipients, selection criteria and eligibility requirements, please visit http://www.isc2.org/gisla.
For more information about the U.S.A. Cyber Warrior Scholarship, please visit https://www.isc2cares.org.
About (ISC)²
Formed in 1989, (ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with nearly 110,000 members in more than 160 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Authorization Professional (CAP), Certified Cyber Forensics Professional (CCFP), Certified Cloud Security Professional (CCSPSM), Certified Information Systems Security Professional (CISSP) and related concentrations, Certified Secure Software Lifecycle Professional (CSSLP), HealthCare Information Security and Privacy Practitioner (HCISPP) and Systems Security Certified Practitioner (SSCP) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information and software security topics. More information is available at http://www.isc2.org.
© 2015, (ISC)² Inc., (ISC)², CAP, CCFP, CISSP, CSSLP, SSCP and CBK are registered marks, and CCSP and HCISPP are service marks, of (ISC)2, Inc.
Courtney Beveridge, (ISC)², +1 703-618-8205, [email protected]
Share this article