What we’re about
Information Systems Security Association (ISSA) is a not-for-profit, international professional organization of information security professionals and practitioners. It was founded in 1984 by Sandra M. Lambert and Nancy King (albeit work on its establishment started in 1982). ISSA promotes the sharing of information security management practices through educational forums, publications and networking opportunities among security professionals. ISSA is present in more than one hundred countries, including Europe and Asia, with more than 10,000 members.
As the founding chapter of ISSA, ISSA Los Angeles (ISSA-LA) has become the premier catalyst and community resource in Southern California for improving the practice of information security. The Chapter provides various training classes and lectures for information Security and IT professionals throughout the year and at the annual Summit. We accomplish this by providing:
- Education, networking and support to information security practitioners
- IT practitioners with information security responsibilities
- Information security vendors
- Outreach, advocacy and education to the broader Los Angeles community
ISSA-LA meets monthly for lunch and dinner and regularly collaborates with other IT and InfoSec organizations, having joint meetings with ISACA, OWASP, the Cloud Security Alliance, HTCIA, and the Association of IT Professionals to name a few.
Upcoming events (4)
See all- May 15 2024: How the CISO role is Changing & CISA Services OverviewAccenture, Los Angeles, CA
You must register and pay to attend: https://www.eventbrite.com/e/how-the-ciso-role-is-changing-and-cisa-services-overview-tickets-853070596117
### Topic One: How the CISO Role is Changing
With an increasing threat to information security for organizations, the CISO role is moving from a technical role to an executive advisor role. This executive function is responsible for information security across all layers of an organization with the ability to engage business stakeholders as well as technical teams. To ensure compliance with the security policy among different groups within the organization, such as employees, the board, and the IT department, the CISO must be able to adopt different postures with a focus on the business. As organizations and individuals alike rely increasingly on interconnected technologies, they face escalating cyber risks that can result in devastating financial losses, reputational damage, and legal repercussions. Soft skills are thus a priority to be able to effectively gain buy-in from the business and operationalize strategies.
### Speaker: Jeffrey Aguilar
As Chief Information Security Officer of Los Angeles County, Jeffrey is responsible for all aspects of information security, including information security governance, strategic direction, executive advisory, program maturity, and adherence to federal information security policy. Other responsibilities include participating in information technology advisory bodies, and other committees or agencies involving County policies, plans, methodologies, and programs related to information security. Jeffrey is also responsible for working with the County Chief Information Officer and providing information security leadership and advisory across the 38 disparate County departments which includes but not limited to Healthcare, Justice, Elections, Tax collection and County operations.
### Topic Two: CISA Services Overview
This presentation will cover services provided by the Cybersecurity and Infrastructure Security Agency (CISA). CISA leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure and works with partners to defend against today’s threats and collaborate to build a more secure and resilient infrastructure for the future. The presentation will include information on no-cost services that are available to Federal Government; State, Local, Tribal and Territorial Government; Private Industry; Academia; and NGO and Non-Profit organizations.
### Speakers: Mario Garcia & Vincent Chapman
Mario Garcia joined the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) in May 2021 as a Cybersecurity Advisor (CSA), and serves as the Cybersecurity State Coordinator (CSC) for California. In these roles, Mario builds strategic public and private sector relationships with state, local, tribal, and private sector entities, and serves as a principal point of contact to non-Federal entities interested in engaging with the Federal government to prepare, manage and respond to cybersecurity incidents. Before joining CISA, Mario was the Deputy Commander/Acting Commander for the California Cybersecurity Integration Center. The multiagency center is the hub of the state’s cybersecurity activities, providing overarching strategy, information-sharing, cyber threat intelligence, risk assessment, warning, and incident response. Over the preceding 20 years, Mario worked in the California Army National Guard’s Command, Control, Communications, and Computers (“J6”) Directorate. In this capacity, he held several positions, including Network Operations and Security Center (NOSC) Manager, Telecommunications Manager, Application Development and Web Services Manager, and IT Logistics and Support Manager. Mario has a Master of Science degree in Computer Information Systems from the University of Phoenix.
Vincent Chapman is a cybersecurity advocate who has worked to make the world cyber safe in his roles as a cybersecurity auditor, educator, and cybersecurity manager for the past 30 years. Vincent joined the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) in 2023. He currently serves as a cybersecurity advisor for San Diego and Imperial counties. Prior to CISA, Vincent was a defense contractor specializing in cybersecurity engineering, and auditing IT governance, risk, and compliance.
- June 19 2024: Updates to Common Compliance Frameworks – Raising the BarAccenture, Los Angeles, CA
You must register and pay to attend: https://www.eventbrite.com/e/updates-to-common-compliance-frameworks-raising-the-bar-tickets-859633084697
### Topic: Updates to Common Compliance Frameworks – Raising the Bar
In today’s ever evolving threat landscape, we are facing more uncertainties than ever before. Businesses need to have reliable data protection processes, be ready to face any cyber threat that could damage their business, and continue to meet stakeholders' expectations all while remaining compliant with constantly changing regulatory requirements. As soon as you feel like your compliance efforts are on track, a new update is announced.
In this presentation with KirkpatrickPrice President and Founder Joseph Kirkpatrick, raise the bar on your compliance efforts. Learn how you can create a compliance program that is scalable and prepared to face today's threats confidently. Together we will dissect the changes associated with PCI DSS 4.0, ISO 27001, and NIST CSF, and how to handle updating or implementing your own controls to maintain compliance.
At the end of the session, participants will:
- Understand the updates to PCI DSS 4.0, ISO 27001, and NIST CSF
- Know how to update their security program to remain compliant
- Face today's threats confidently
### Speaker: Joseph Kirkpatrick
As Founder and President of KirkpatrickPrice, Joseph Kirkpatrick has spent over a decade developing the firm’s trailblazing initiatives in information security audit delivery and ethical hacking. Under his leadership, KirkpatrickPrice has delivered thousands of audit reports and information security engagements to clients of all sizes worldwide. Joseph enjoys educating, empowering, and inspiring clients by navigating them through the complex maze of compliance and regulatory requirements. Joseph is a CPA with over 25 years of experience in information technology. He holds CISSP, CISA, CGEIT, CRISC, and QSA certifications, specializing in data security, cybersecurity, IT governance, and regulatory compliance.
- July 17 2024: Welcome to the Internet - the boring stuff you never thought aboutAccenture, Los Angeles, CA
You must register and pay to attend: https://www.eventbrite.com/e/welcome-to-the-internet-all-the-boring-stuff-you-never-thought-about-tickets-873410964707
### Topic: Welcome to the Internet -- all the boring stuff you never thought about
With over three decades of experience in technology, John Crain will discuss how the Internet works from the viewpoint of various organizations, including ICANN. He will also talk about some of the efforts underway to advance Internet security & stability and how you can get involved.
### Speaker: John Crain
John is the Chief Technology Officer for the Internet Corporation for Assigned Names and Numbers . A member of ICANN's executive team, John works with staff and the community to enable and enhance capabilities that improve the overall security, stability, and resiliency of the Internet’s identifier systems and associated infrastructures. He also represents ICANN in operational and technical dialogues and forums to ensure the community’s engagement with these programs.
Prior to his time at ICANN, John worked as part of the executive management team at RIPE NCC in Amsterdam. RIPE NCC is the regional Internet registry (RIR) that provides Internet resource allocations for Europe and surrounding areas. John has been directly involved in the administration of Internet identifiers since his start at RIPE NCC in 1995 and has worked in all areas of Internet Protocol (IP) address administration. John also has extensive experience in Domain Name System (DNS) administration and managing Internet infrastructure services.