This article can also be found in the Premium Editorial Download "Information Security magazine: Security 7 Award winners sound off on key information security issues."
Download it now to read this article plus other related content.
Seven to be Heard
The 2008 Security 7 Award winners get their chance to talk to you.
Security people want to be heard. They want to talk to the CIO, whisper in the CFO's ear, croon to the board, and it's safe to say, scream at users. Problem is: an appropriate forum isn't always available.
We decided to make one available. Granted, we were a bit selective as to who was on our particular access control list. You had to be a security practitioner in good standing with an enterprise in any of seven markets. You had to have made important contributions to your organization and the security community. And you had to pass muster with us.
This year's Security 7 Award winners have the floor in this issue. Seven personal essays follow, each one a unique take on the security profession, coming from a variety of perspectives and backgrounds. This year's winners include a former U.S. Navy encryption officer, a CPA, a triathlete and a motorcycle enthusiast. They're stacked with the same issues the rest of the industry faces: compliance, data protection, infrastructure protection and policy creation and enforcement. They have to balance budgets, assess risk and soothe bosses. Just as you do.
But what makes this group special is their understanding that security goes
| deeper than firewall rules and ACLs. It's about understanding risk in the context of the business. It's about knowing where to best apply your resources, when to collaborate and when to batten down the hatches.
This is the fourth year we've handed out the Security 7 Award, and the honor roll has evolved into a noteworthy mix of dignitaries and hard-working enterprise professionals who merit a little more than a pat on the back from a superior. We're adding seven names to the list this year: Gene Spafford, Mark Weatherford, Bill Boni, Marc Sokol, Martin Valloud, Mark Burnette and Michael Mucha.
Some of the names, Spafford's in particular, you'll recognize; others you'll get to know in the pages to come. The seven will convene again next month at our Information Security Decisions conference in Chicago for a panel discussion about best practices, trends, what works and what doesn't; in many respects it's the highlight of the show.
Personally, this is my favorite issue of the year. It's a learning experience just wading through the dozens of nomination forms we get and determining a winner. Perhaps it's a bit of a bias, but security has to be the most innovative area in IT, especially when it comes to melding the business with an IT project. Our nominees are setting the bar with an enviable array of compliance initiatives, networking and security integration projects, and remote access and identity management solutions that don't require massive investments in software and consulting. Sometimes it's about out-of-the-box thinking; no ninja hacking required.
And those guys didn't make the cut.
As for the winners, they were nominated in most cases by their colleagues. It's the ultimate in peer validation for seven security veterans who are at the top of their profession. See for yourself what put them over the top here, and if you're fortunate enough, meet them next month at Information Security Decisions.
This was first published in October 2008