Blog
Highlights From Security Congress 2018 – And What to Look Forward To
By David Shearer, CISSP, (ISC)² CEO
When I made the decision two years ago to transform the annual (ISC)2 Security Congress into an independent event, I knew it would be a huge undertaking for our team, but I also understood the passion of our member base and that we had enough interest to support this evolution. After returning from the 2018 Congress held in New Orleans just a few weeks ago (from October 8-10) I am reaffirmed that it was the right move. Our attendees were genuinely enthralled with the caliber of speakers and sessions we pulled together and made me as proud as I’ve ever been to call myself a member of the cybersecurity community. We had nearly 2000 of our colleagues in attendance, which was wonderful, but our global member base is so much larger that I wanted to take a few minutes to catch up to speed those who weren’t able to make it in person. Following are some of the highlights that you missed, as well as a preview of next year’s Security Congress. I sincerely hope to see and speak with as many of you as possible in 2019!
On the weekend leading up to Security Congress, we ran pre-conference sessions, most of which were sold out. We were pleased once again to have our friends and members from the Cloud Security Alliance (CSA) join us on Sunday for a full-day CSA summit. On Monday morning, I talked about the need to change our industry’s messaging, focusing on the why behind cybersecurity’s importance in real life easy-to-appreciate ways. Defining ‘Why Cybersecurity’ and ‘Why (ISC)²’ will be a major focus for us going forward. I referenced the old BASF ad campaign about making everything better, and I provided some examples of how (ISC)² and cybersecurity contribute to business and mission enablement.
At (ISC)², our members don’t make many of the products and services you depend on, they make many of the products and services you depend on better.
- We don’t deliver emergency response services. We secure the data, software and technical infrastructure emergency responders rely on to save lives and property.
- We don’t make the firewall, SIEM or endpoint protection. We deploy, configure and manage the solutions that secure your critical assets every day.
- We don’t build production lines. We secure industrial control systems to ensure the food, medicines and products you buy are safe.
- We don’t create power lines or substations. We secure critical infrastructure, so nobody disrupts your power.
- We don’t make cloud solutions. We help you use the cloud with confidence, wherever you are, knowing your data and online transactions are secure.
- We don’t make smart cars and public transportation systems. We embed security into the software that controls them, so you get where need to be safely.
- We don’t make healthcare solutions. We secure the systems that deliver life-saving services and protect patient healthcare data.
At (ISC)², our members don’t make many of the products and services you depend on, they make many of the products and services you depend on better.
It was great to hear Louisiana Congressman Cedric Richmond thank all of our attendees for their hard work and dedication. It was equally exciting to hear his remarks on ‘Why Cybersecurity’ by imploring all of us in attendance to “make cybersecurity cool” if we hope to attract more to the profession. We then heard from Jane McGonigal, a noted game designer, about applying a gaming mentality to help us think through all the possible implications of emerging technologies.
On Tuesday we heard from the first female Mayor of New Orleans, who so eloquently expressed her concerns as a mother regarding online safety for children. We learned more about the outstanding work (ISC)²’s Center for Cyber Safety and Education is doing – delivering on our social responsibility. Some of us enjoyed a great parade to a riverboat fundraiser cruise to support the Center. Our keynote Theresa Payton, CEO of Fortalice Solutions and former CIO for the White House, gave us some real-world examples of her time serving the Oval Office regarding how users will work around security when we fail to design solutions that work for them. That is an important lesson for all of us to appreciate about the need to abstract the end user from the complexities of cybersecurity. We also held our Information Security Leadership Awards (ISLA) ceremony for the Americas where we honored some exceptional individuals who have significantly contributed to inspiring a safe and secure cyber world.
On Wednesday we continued our educational track sessions and we wrapped up with a keynote from Dr. Jessica Barker, co-founder of Cygenta, about the psychology (and reason for optimism) related to cybersecurity. Dr. Barker called out the mistakes we often make when we characterize end users as the problem as opposed to the solution to our security challenges. The three-day Security Congress and the pre-conference workshops were designed to deliver on our Enrich. Enable. Excel. theme. We hope we hit the mark for our attendees. We’re working through member surveys and post event lessons learned to continue to refine our programming and overall member experience.
I couldn’t be more grateful to our attendees that this was the second year in a row Security Congress sold out. As a result, for 2019 we’re excited to move to Orlando, Florida at the Walt Disney World Swan and Dolphin Resort from October 28-30. The new venue will provide us with a lot of increased capacity to continue to grow the event and to welcome more of our colleagues from around the globe. We want to avoid having to turn people away like we’ve had to do in 2017 and ‘18. For the six years following that, we’ll be at the Hyatt Regency Orlando. Orlando has a much larger and travel-friendly airport than host cities in previous years for international and domestic attendees alike.
Registration is now open! Please make sure to reserve your spot for Security Congress 2019 as early as possible by visiting: Congress.isc2.org
