Blog
(ISC)² ISLA Winners from Around the World
This month marked the opening of nominations for the first-ever (ISC)² EMEA ISLA, allowing you to nominate fellow information security and management professionals throughout the private and public sectors across Europe, the Middle East and Africa.
The nomination categories are: Senior Information Security Professional, Information Security Practitioner, Up-and-Coming Information Security and Woman Information Security Professional.
Nominations must be put forward by a colleague, so we hope that many of you will feel inspired to put forward your professional peers. We do appreciate that nominating someone may seem like a daunting task, or you may be unsure whether who you have in mind even fits the bill altogether. So, by way of inspiration we have profiled past ISLA winners from the Americas and Asia Pacific regions – where the awards programme has already been running for the last eleven years. These previous winners are an eclectic bunch, whose stories range from an Up-and-Coming Information Security Professional with an unconventional background to a Senior Information Security Professional who started his career while still at university and is passionate about social responsibility.
We hope that by reading about those who have been previously honoured, you will feel enthused to get involved; as well as gain a flavour for the details we’re keen to see in your nominations. We’re really interested to get to know the nominees and find out what kind of person they are, what their professional backgrounds are, what they bring to their roles, what projects they have worked on and why you have decided to put the submission forward.
Diego Andrés Zuluaga Urrea, Senior Information Security Professional – Americas Information Security Leadership Awards 2016
Diego Andrés Zuluaga Urrea was named the winner of the Senior Information Security Professional. Diego started his career working as a Systems Administrator, while still studying in university, for the first ISP in Colombia. He saw malicious hackers working against the systems; on one occasion seeing nine university servers attacked in a single evening. After witnessing the vulnerabilities, he decided to learn more about information security on his own. Diego learned that creating a culture of security was just as important as technical knowledge.
The biggest professional challenge that Diego has faced was leading the development of cybersecurity regulation for the electric sector in Colombia. It began as a corporate social responsibility effort that required close work with several different companies within the sector, as well as other authorities and institutions. Identifying the cybersecurity needs, challenges and opportunities to be addressed was difficult, but the outcome was rewarding, as it created a better security posture for critical infrastructure in the country. Working in information security gives Diego new challenges every day and can involve anything from developing strategy to working on administrative networks and anything in between. Having the opportunity to learn daily and apply his experiences to new scenarios ensures that Diego is never bored. He hopes to continue his work in social responsibility, as making this world and the companies in it more secure, is an important achievement to Diego.
Jennifer Chermoshnyuk, CISM, Up-and-Coming Information Security Professional Award – Americas Information Security Leadership Awards 2016
Jennifer Chermoshyuk, Paralegal – Media and Technology Practices, Legal Holds Manager at the law firm of Davis Wright Tremaine, was named the winner of the Up-and-Coming Information Security Professional Award. Jennifer, an alumni of the University of Washington, holds a bachelor’s degree in Political Science, as well as a certificate in Information Security and Risk Management from the university.
The title “Paralegal” may seem unique for an information security professional, but Jennifer has more than 15 years of experience managing electronic discovery. So, it was a logical move for her to go from the Electronic Discovery Reference Model (EDRM) framework to cyber and information security. The project that was recognised in Jennifer’s ISLA nomination was part of her certificate programme at the University of Washington. She worked with other mid-career professionals from other industries to put together an information security evaluation and mitigation CLE for a group of in-house firm counsel, general counsel and risk/ethics counsel for most of the large and mid-sized firms in the Seattle area. The diversity of her team allowed them to address the challenges of the legal industry by utilising the depth and breadth of their collective experiences from a variety of backgrounds.
Dr. Heejo Lee, Information Security Educator – Asia-Pacific Information Security Leadership Achievements 2016
Over the past 25 years, Dr. Heejo Lee has consistently contributed to the advancement of security technologies across academia, private industries and government through education, research and industrial-academic cooperation projects in the field of cybersecurity.
One of the missions for his showcased project was to train undergraduate and graduate students via project participation and unveil the automatic platform IoTcube . The IoTcube platform is designed to enable non-security professionals and novice engineers the ability to analyse vulnerabilities in all kinds of IoT devices professionally. Dr. Lee and his team have developed the technology for black-box testing, white-box testing and network testing to develop an automatic platform to analyse security vulnerabilities in IoT devices.
The project first launched in South Korea in 2015, along with the establishment of the Center for Software Security and Assurance . The team also coordinated with a global research team including Korea University, Carnegie Mellon University, Oxford University, Swiss Federal Institute of Technology in Zurich, and Korea Internet & Security Agency (KISA), in order to build a global IoT security community and put scattered security technologies into one location to be shared by anyone in the world. Dr. Lee believes that the project has been a great experience, allowing faculty members to work together with young students and shared the results with everyone in the world via the IoTcube platform.
Dr. Lee has taught undergraduate Computer Science major courses on Computer Security since 2004. Open to both Computer Science majors and non-Computer Science majors, his courses have been attended by roughly 70 students each year. His classes are regarded as a “must take before you graduate” courses among seniors. Additionally, Dr. Lee has provided cybersecurity consultation to countries outside of South Korea, including the Philippines, Uzbekistan, Vietnam, Myanmar, Costa Rica and Cambodia.
Mack Bhatia, Information Security Practitioner Award – Americas Information Security Leadership Awards 2016
Mack Bhatia , Fractional Chief Information Security Officer and Information Security Practice Director, at Enterprise Integration, was named the winner of the Information Security Practitioner Award.
Bhatia, who has his bachelor’s degree in Organic Chemistry and a master’s degree in Business Administration, began his career in cybersecurity while working as an executive consultant. During a multi-year assignment, his client information security requirements evolved to encompass nearly every domain in the security field – from physical, to application, to network and beyond. The project became more than information security, and he was managing the overall risk for the business. This collaboration between his client and his team gave him the broad perspective of the varied domains in information security. His experience with this client, along with observing industry trends, inspired Mack to continue working to gain knowledge and field experience, eventually earning his CISSP®.
Mack enjoys working in the dynamic field of information security, and thrives in an environment where no day is the same as the last. Days may begin with client meetings to discuss NIST framework implementation, followed by communicating to his team how to protect their organisation from attacks, ending with reviewing reports on successful perimeter protection that his team has implemented for a client. As one of four founding members of the Northeast Florida Chapter of (ISC)², Mack has held various leadership roles within the chapter. Being deeply involved in chapter activities has allowed him to build relationships with others in the information security space. Bhatia has utilised these relationships to learn from others, in an ongoing effort to better support his clients and organization.
Nominate someone today
You can make your submission via the (ISC)² EMEA ISLA nomination web portal from now and until 12th July 2017, midnight BST. You will be able to find out the rules, guidelines and an FAQ relating to the (ISC)² EMEA ISLA here too. Submissions will be judged by members of the Europe, Middle East and Africa Advisory Council (EAC) , who are all practicing professionals and certified members of (ISC)².
The nominations are open to all professionals (members and nonmembers, barring (ISC)² staff and the judging panel) working in information, cyber, software or infrastructure security in the EMEA region. And while nominees must be living and working in EMEA, nominators can be from anywhere. It is also free to put someone forward.
Wishing you and your nominees success at the first ever EMEA ISLAs!