
 IS&P SIG Leadership

SIG Chair
Peter McDonald, Symantec
301-681-9012
peter_mcdonald@symantec.com

SIG Vice Chair
Jim Graham, SecureIT
703-230-0734
jgraham@secureit.com

Programs Chair
Rob Montgomery, Argosy Omnimedia
301-816-9373, ext. 17
rob.montgomery@argoc.com

Communications Chair
Myisha Frazier-McElveen, Truestone
703-766-6203
myisha.frazier-mcelveen@truestonefed.com

Risk Management
Chris Feudo, Edgewater IT
Chris.Feudo@edgewaterit.com

Privacy and Data Protection
Peter Rath, Tantus Technologies
703-624-2796
prath@tantustech.com

Health IT Security & Privacy
Tom Evans, KMK Systems
703-624-2796
evanst@kmksystems.com

Regulations and Best Practices
Patricia Titus, Unisys Corporation
703-439-5406
patricia.titus@unisys.com

Information Security & Privacy SIG 

 About the Information Security & Privacy SIG

About the SIG 

The Information Security and Privacy Special Interest Group (IS&P SIG) tackles the challenges and emerging threats and issues associated with protecting Federal Government information systems and the privacy of U.S. Citizens.  An active Government Advisory Panel consisting of executive security and privacy professionals from the Federal Government identifies their challenges and issues and provides advice on our plans, programs and products.  Our goal is to provide leadership, increase knowledge and present innovative ideas to enable our Government counterparts to support their missions, counter threats, and achieve compliance.

Focus Areas for 2010

  • Cloud Computing security and privacy enablers
  • Privacy and data protection
  • Health IT security and privacy
  • Comprehensive National Cybersecurity Initiative (CNCI)
  • Security & Privacy Regulatory and Practice Updates (FISMA, NIST, HIPAA, etc.)
  • Risk management and security performance measurement

Meetings, Networking and Events

The SIG meets monthly on the 2nd Wednesday of each month from 10am - Noon.  Meetings are held in the 6th floor conference room of the IAC Offices in Fairfax, VA.  You can register to attend in person or participate via the Teleconference number provided.  Check the IAC calendar for meeting details or contact the SIG chair or vice chair.

Programs or events hosted by the Information Security and Privacy SIG are posted to the calendar and are generally conducted along with the SIG's regular monthly meetings. The IAC calendar and email messages will contain the details. We generally hold these events in person and also broadcast them live via webinar.

Get Involved 

We are currently seeking individuals with interest in participating in the following activities with the goal of organizing an event or other activity over the course of this year:

  • Cloud Computing:  Participate in ACT/IAC-wide program representing security and privacy
  • Comprehensive National Cybersecurity Initiative (CNCI): Update and Plans
  • Health IT security and privacy: What works to meet new security and privacy rules
  • Social Networking:  Using it safely and securely to support improved government collaboration
  • Security Performance Measurement: CyberScope, OMB’s new FISMA reporting and management solution 
  • FEA Security and Privacy Profile: Participate in a group responsible for review and comment on a new draft

If you have a particular interest area and care to volunteer your time and energy, contact the chair or vice chair to get involved.

 

Membership

Membership in this SIG is open to anyone in the ACT-IAC membership.  Contact the chair or vice-chair for more information.

Visit the IS&P SIG on Facebook: http://www.facebook.com/group.php?gid=63260463593

 IS&P SIG Webinars

 

Past Programs and Events

FISMA "NextGen" – March 22, 2010
The federal government is undertaking a significant upgrade to address cybersecurity, with heightened awareness of hackers penetrating its networks, attacks fueled by nation states, and data loss and leaks. How will the government respond to these issues in the next generation FISMA guidance? What will be the impacts to the federal government, private sector and those currently doing business with the federal government? Follow the panel of experts consisting of:
Dr. Ron Ross, Senior Computer Scientist and Information Security Researcher, National Institute of Standards and Technology (NIST)
Mr. Dan Philpott, Editor, FISMApedia.com and Federal Information Security Architect, Tantus Technologies
Ms. Patricia Titus, Chief Information Security Officer, Unisys Corporation
as they delve into the Next Generation FISMA. 
Click here to access the FISMA NextGen webinar – 1 hr 57 min 12 sec: 20100322FISMANextGen.html

Breach Pre-Detection and Prevention - Telltale Signs, Tools and More – January 13, 2010
Security breaches against federal IT assets and data are becoming more complex, attempts are becoming more numerous, and federal agencies are being even more
The panel consists of:
Michael F. Brown, Chief Information Security Officer and Director, Office of Information Systems Security (ISS), at the Federal Aviation Administration (FAA)
Harold Byun, DLP Product Management, Symantec
Click here to access the Breach Pre-Detection and Prevention webinar – 1 hr 11 min 53 sec: 20100113AnatomyOfABreach.html

Consensus Audit Guidelines (CAG) Program - June 10, 2009 - A comprehensive discussion on the security and privacy considerations associated with the Consensus Audit Guidelines (CAG). John M. Gilligan, President of the Gilligan Group, Inc., describes the background, content, and planned implementation of the 20 Critical Controls for Effective Cyber Defense: Consensus Audit Guidelines (CAG).

Cyber Security and Privacy Impacts of the American Recovery and Reinvestment (Economic Stimulus) Act of 2009 - March 11, 2009 - Barbara Ryland discussed the healthcare and HIPAA Security and Privacy regulatory impacts of the legislation. Robin Campbell discussed the specific implications of the legislation as it pertains to security breaches and the applicable state regulations known as "breach notification" laws. Brian Flood presented his view of the various components of the act, the funding allocations, and agencies' application of this funding with a focus on information security and privacy.

Cloud Computing Cyber Security and Privacy - May 13, 2009 - A panel consisting of Kevin Skapinetz, IBM Internet Security Systems; Laurin H. Mills, D.C. Office Managing Partner, Nixon Peabody, LLP; and Peter Mell, Senior Computer Scientist, NIST, moderated by Jim Graham, SecureIT, discussed the challenges and the real world issues impacting users and service providers to the Federal government market.

Integrating & Automating Security Functions through SCAP - July 8, 2009 - Webinar presenting a discussion on Integrating & Automating Security Functions through SCAP at the Department of Energy (DOE), with Samara Moore, IT and Cyber Security Program Manager for the Office of the Under Secretary for the Department of Energy (DOE), and Ari Miller, Senior Information Security Consultant with DOE.

 Calendar

July 14, 2010 - IS&P Program: Federated Architecture Security and Privacy

 IS&P Resources

USDA Identity Credential and Access Managment - Owen Unangst-USDA - 07-14-10.pdf
Claims Based Federation - Patrick Harding-Ping Identity - 07-14-10.pdf
Federated Security in the cancer Biomedical Informatics Grid-caBIG - George Komatsoulis-NCI-NIH - 07-14-10.pdf
- Presentations from the 7/14/10 IS&P SIG Cost Effective Data Sharing through Federated Architectures

Next Generation Risk Management - Ron Ross - NIST - 03-22-10.pdf
Near Real-Time Risk Management -Dan Philpott - Tantus Technologies - 03-22-10.pdf
Next Gen FISMA Private Sector Impacts - Patti Titus - Unisys - 03-22-10.pdf
- Presentations from the 3/22 IS&P SIG Next-Gen FISMA Meeting

Best Practices for Use of At-Home Agents in a Federal Contact Center - ISP SIG - 01-22-10.pdf
- IS&P SIG White Paper

Prevent Security Breaches by Protecting Information Proactively - Harold Byun-Symantec - 01-13-10.pdf
- PDF of the presentation from the January 13, 2010 IS&P SIG Meeting

Security WorkForce Talent Challenges - Wayne Jones - NNSA-DoE - 11-10-09.pdf
- PDF of the presentation given by Wayne Jones, NNSA-DOE

Integrating and Automating Security Functions through SCAP - Samara Moore and Ari Miller - Department of Energy - 07-08-09.pdf
- PDF of the presentation given by Samara Moore & Ari Miller, U.S. Department of Energy, at the 07/08/09 IS&P SIG meeting.

Improving FISMA Effectiveness and Efficiency Through the SCAP - ISP SIG - 01-28-08.pdf
- This White Paper addresses the challenges facing every federal agency given the cost and complexity of achieving the Federal Information Security Management Act (FISMA) security readiness and maintaining this readiness 24/7/365.

Legal Issues Associated with Cloud Computing - Laurin Mills - Nixon Peabody LLP - 05-13-09.pdf
Effectively and Securely Using the Cloud Computing Paradigm - Peter Mell-Tim Grance - NIST - 04-28-09.pdf
Cloud Computing Security and Privacy Considerations for Federal - ISP SIG - 05-13-09.pdf

- Presentations from the May 13, 2009 IS&P SIG meeting on Cloud Computing Security & Privacy

 Document Library

2010ProgramsSchedule r2.xls - Jim Graham

ACT-IAC Headquarters - 3040 Williams Drive, Suite 610, Fairfax, VA 22031 - Tel: 703.208.4800 - Fax: 703.208.4805 - Email: ACT-IAC@actgov.org
©2010 American Council for Technology and Industry Advisory Council