In times of limited budgets and resources, user groups may offer just the advice and camraderie you need.
I had the pleasure a few months back to attend the Agora security user group meeting in Seattle. Agora was formed more than 10 years ago to bring security professionals, law enforcement and government together to help thwart cyberattacks.
My takeaway: If busy schedules have prevented you from joining a local user group or professional organization, I would recommend you make the time to do so. First, it provides a place to bounce ideas and offers a perspective you may not get in the confines of your office. And second, it is a good way to network and meet other security professionals as part of your career development.
At Agora, it was easy to see some very strong relationships had formed. While a quarterly Northwest regional event, many participants travel cross-country to attend. Participants span the spectrum--from well known Fortune 500 corporations, to smaller entities, to federal, state and local government. Typically 500-600 participants are invited and 200-300 attend. At the meeting I attended, there was a presentation on cyberterrorism and a dissection of a hack. Other meetings included a Google hacking contest, cyberattack exercises and a privacy raid.
Some of the most provocative comments came in side discussions. One security professional groused he was in the precarious position of having to pay extortion money if his organization was hacked. The threats were simply getting too sophisticated and vendors weren't doing enough to protect him.
Another conversation touched on the need for security professionals to educate home users about information security as a way to spread knowledge from a grass-roots perspective. In another conversation, a CISO bemoaned the fact the security profession is failing consumers. With 150 million records compromised, we're not doing enough to keep this information confidential.
While it can certainly be argued that we're losing in terms of protecting information, this group has come up with other ways to protect consumers beyond the scope of their jobs. A few years ago, Agora founder Kirk Bailey volunteered to help a co-worker who was being stalked online when others ignored her pleas. Bailey used his Agora network to figure out a way to track down the stalker and bring him to justice. With the help of other Agora members, in particular Ivan Orton, a senior deputy prosecuting attorney in King County and a cybercrimes specialist, they were able to track the stalker via his ISP and get a subpoena based on a telephone harassment statute to prosecute. Since then, the state of Washington has passed a bill that makes cyberstalking a crime. It pays to network--on many fronts.
Same Site, New Look
It goes without saying that you are an impressive group of professionals that needs information at your fingertips. We hope to provide that information by combining the Information Security and SearchSecurity.com Web sites. There you'll be able to get all of our articles online including product reviews, columns and features. But you'll also have access to our Security Schools, news, blog, podcasts and screencasts. We hope you make the updated SearchSecurity.com your first stop every morning.