This article can also be found in the Premium Editorial Download "Information Security magazine: Security 7 Award winners and the latest on effective security awareness."
Download it now to read this article plus other related content.
Information security professionals are often unsung heroes, quietly going about the business of securing their organizations' assets without fanfare. Their work is incredibly complex yet recognition can be rare. But every fall, we fill the gap with our Security 7 Awards, which honor outstanding security pros in seven vertical markets.
This is the sixth year we've handed out the Security 7 Awards, and the honor roll is certainly illustrious with industry pioneers and thought leaders as Dorothy Denning and Gene Spafford. But the list of winners includes many hard-working security pros whose names aren't well known but who are on the front lines of enterprise security, finding innovative ways to ensure data is protected against an ever-changing threat environment.
The security profession has come a long way from the days of focusing on firewalls to keep intruders out. Today, it's about risk management and balancing data protection initiatives within the context of the business. This year's winners have proven adept at that tricky balancing act.
Beginning on page 19, you can hear from them directly on how they meet the security challenges of today and their visions for the future. We're pleased to add to our Security 7 honor roll: Phil Agcaoili of Cox Communications; Brian Engle of Temple-Inland; Addison Avenue Federal Credit Union's Blanca Guerrero; Christopher Ipsen of the state of Nevada; Philips Healthcare's Nick Mankovich; University of Rochester's Julie
For the third year in a row, we've turned the presentation of the awards in our publication over to the winners, inviting them to write an essay on an information security topic they felt passionate about. The results have been spectacular and this year is no exception. We are fortunate to have them share their thoughts and you would be well served to absorb their insights.
While the winners all have unique perspectives and face specific challenges in their particular industry, some of overriding themes should resonate strongly for anyone in the business of information security. The need to achieve a balance between security risks and business concerns for cost and productivity is paramount across industries. Ongoing oversight and monitoring is critical for successful risk management. And any business that provides online services to its customers must walk a fine line between security and usability.
These days, what organization isn't grappling with the influx of consumer devices like iPhones and the security risks they bring? At the same time, companies are eagerly shifting to cloud services, raising all sorts of issues for corporate data security.
This year's winners have implemented authentication systems and fraud detection technologies, devised risk management methodologies, and educated their users and customers. Some have worked tirelessly with industry groups, federal officials, standards bodies, and elected leaders to ensure security efforts are realized. They are dedicated, industrious and determined.
You'll get a sense of the passion these security pros feel for their jobs. Their essays are both enlightening and inspiring. But you don't have to hear it from me. Our winners express it best.
Marcia Savage is editor of Information Security. Send comments on this column to firstname.lastname@example.org
This was first published in October 2010